Exam CAS-004 topic 1 question 410 discussion

multiple domains mean SAN, single domain with multiple subdomains mean wildcard

The organization websites have .net and .org TLDs. A SAN certificate will cover multiple TLDs.

You buy 1 SAN which allows you to list everything you want covered regardless of whether it is example.com or example.org or mail.example.org. Wildcards don't allow multiple domains. *.example.com This is just like performing a wildcard search. example.com is the fixed variable and anything that come before it is good. If you change example or you change .com, you have made a different domain. 1 domain per wild card. We have 2 domains in the question.

Multiple domains (.com and .org) you use a SAN certificate. Mutliple sub domains (www.domain.com, news.domain.com, pic.domain.com) you use a wildcard. The answer is A.

Guys, please don't let CompTIA questions twist your brain. Just break the question down to make it easy for you. www.mycompany.org - domain . wiki.mycompany.org - subdomain www.mycompany.com - domain .campus.mycompany.com - subdomain As you can see that these are the subdomain under one domain which results answer to D. Wildcard Certificate. Apart from this explanation, a wildcard certificate would be a simpler and more cost-effective choice according to the question.

There's no SAN Certificate... Its a WILD CARD certificate that contains multiple Sub-Domains covered by the same certificate for the 1st level Domain.

There should be a typo at the A option: It should be like: The best solution in this case would be A. Purchase one certificate with multiple Subject Alternative Names (SANs).

D. Purchase one wildcard certificate. Chat GPT gave me this answer

Purchasing one wildcard certi fi cate is the best soluti on to protect multi ple websites hosted by an organizati on in acloud-hosted WAF. A wildcard certi fi cate is a type of SSL/TLS certi fi cate that can secure a domain name and anynumber of its subdomains with a single certi fi cate. For example, a wildcard certi fi cate for *.mycompany.com cansecure www.mycompany.com, campus.mycompany.com, and any other subdomain under mycompany.com. Awildcard certi fi cate can save costs and simplify management compared to purchasing individual certi fi cates foreach website.

D. Purchase one wildcard certificate. In this scenario, where the organization hosts multiple websites under different subdomains, purchasing a wildcard certificate would be the best solution. A wildcard certificate allows secure connections for multiple subdomains under the same domain using a single certificate. By using a wildcard certificate, the cloud security engineer can secure all websites hosted by the organization (www.mycompany.org, www.mycompany.com, campus.mycompany.com, wiki.mycompany.org) without the need to purchase separate certificates for each site. This approach would help save costs and simplify certificate management for the multiple websites. Additionally, users would still be able to notify the security engineer of any on-path attacks as the wildcard certificate would ensure secure connections to all websites.

A. Covers multiple domains and subdomains

A. Purchase one SAN certificate is the best choice as it directly addresses the need for a comprehensive and cost-effective solution to protect all the specified websites under one certificate, with formal recognition and trust from clients’ systems. This simplifies management, reduces costs, and provides a robust security solution compliant with industry standards.