Which of the following is the b«« way to fix this issue?
A security analyst received a report that an internal web page is down after a company-wide update to the web browser Given the following error message:
Which of the following is the b«« way to fix this issue?
A. Rewriting any legacy web functions
B. Disabling all deprecated ciphers
C. Blocking all non-essential pons
D. Discontinuing the use of self-signed certificates
Answer: D
Explanation:
The error message "NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM" indicates that the web browser is rejecting the certificate because it uses a weak signature algorithm. This commonly happens with self-signed certificates, which often use outdated or insecure algorithms.
Why Discontinue Self-Signed Certificates?
Security Compliance: Modern browsers enforce strict security standards and may reject certificates that do not comply with these standards.
Trusted Certificates: Using certificates from a trusted Certificate Authority (CA) ensures compliance with security standards and is less likely to be flagged as insecure.
Weak Signature Algorithm: Self-signed certificates might use weak algorithms like MD5 or SHA-1, which are considered insecure.
Other options do not address the specific cause of the certificate error:
A. Rewriting legacy web functions: Does not address the certificate issue.
B. Disabling deprecated ciphers: Useful for improving security but not related to the certificate error.
C. Blocking non-essential ports: This is unrelated to the issue of certificate validation.
References:
CompTIA SecurityX Study Guide
"Managing SSL/TLS Certificates," OWASP
"Best Practices for Certificate Management," NIST Special Publication 800-57
Latest CAS-005 Dumps Valid Version with 117 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund