exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam

Exam CAS-004 topic 1 question 410 discussion

Actual exam question from CompTIA's CAS-004
Question #: 410
Topic #: 1
[All CAS-004 Questions]

A cloud security engineer is setting up a cloud-hosted WAF. The engineer needs to implement a solution to protect the multiple websites the organization hosts. The organization websites are:

• www.mycompany.org
• www.mycompany.com
• campus.mycompany.com
• wiki.mycompany.org

The solution must save costs and be able to protect all websites. Users should be able to notify the cloud security engineer of any on-path attacks. Which of the following is the best solution?

  • A. Purchase one SAN certificate.
  • B. Implement self-signed certificates.
  • C. Purchase one certificate for each website.
  • D. Purchase one wildcard certificate.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
armid
Highly Voted 8 months, 1 week ago
Selected Answer: A
multiple domains mean SAN, single domain with multiple subdomains mean wildcard
upvoted 6 times
...
saucehozz
Highly Voted 10 months, 3 weeks ago
The organization websites have .net and .org TLDs. A SAN certificate will cover multiple TLDs.
upvoted 6 times
...
Chiller619
Most Recent 1 week, 4 days ago
Selected Answer: A
You buy 1 SAN which allows you to list everything you want covered regardless of whether it is example.com or example.org or mail.example.org. Wildcards don't allow multiple domains. *.example.com This is just like performing a wildcard search. example.com is the fixed variable and anything that come before it is good. If you change example or you change .com, you have made a different domain. 1 domain per wild card. We have 2 domains in the question.
upvoted 1 times
...
3041b53
1 month, 3 weeks ago
Selected Answer: A
Multiple domains (.com and .org) you use a SAN certificate. Mutliple sub domains (www.domain.com, news.domain.com, pic.domain.com) you use a wildcard. The answer is A.
upvoted 2 times
...
Bright07
3 months ago
Selected Answer: D
Guys, please don't let CompTIA questions twist your brain. Just break the question down to make it easy for you. www.mycompany.org - domain . wiki.mycompany.org - subdomain www.mycompany.com - domain .campus.mycompany.com - subdomain As you can see that these are the subdomain under one domain which results answer to D. Wildcard Certificate. Apart from this explanation, a wildcard certificate would be a simpler and more cost-effective choice according to the question.
upvoted 1 times
Chiller619
1 week, 4 days ago
How do you propose to do 2 different top level domains (.org and .com) with 1 wildcard. 1 Wildcard covers 1 domain. You have two domains.
upvoted 1 times
...
...
Kokoh23
3 months ago
Selected Answer: D
There's no SAN Certificate... Its a WILD CARD certificate that contains multiple Sub-Domains covered by the same certificate for the 1st level Domain.
upvoted 2 times
...
AGUDLP
8 months, 1 week ago
Selected Answer: A
There should be a typo at the A option: It should be like: The best solution in this case would be A. Purchase one certificate with multiple Subject Alternative Names (SANs).
upvoted 4 times
...
loucrass
10 months, 3 weeks ago
D. Purchase one wildcard certificate. Chat GPT gave me this answer
upvoted 2 times
saucehozz
10 months, 3 weeks ago
Read the question carefully. Wildcard doesn't doesn't cover more than one TLD, e.g, ORG, NET, COM
upvoted 6 times
...
...
gunjack83
10 months, 3 weeks ago
Selected Answer: D
Purchasing one wildcard certi fi cate is the best soluti on to protect multi ple websites hosted by an organizati on in acloud-hosted WAF. A wildcard certi fi cate is a type of SSL/TLS certi fi cate that can secure a domain name and anynumber of its subdomains with a single certi fi cate. For example, a wildcard certi fi cate for *.mycompany.com cansecure www.mycompany.com, campus.mycompany.com, and any other subdomain under mycompany.com. Awildcard certi fi cate can save costs and simplify management compared to purchasing individual certi fi cates foreach website.
upvoted 2 times
...
cf13076
11 months ago
Selected Answer: D
D. Purchase one wildcard certificate. In this scenario, where the organization hosts multiple websites under different subdomains, purchasing a wildcard certificate would be the best solution. A wildcard certificate allows secure connections for multiple subdomains under the same domain using a single certificate. By using a wildcard certificate, the cloud security engineer can secure all websites hosted by the organization (www.mycompany.org, www.mycompany.com, campus.mycompany.com, wiki.mycompany.org) without the need to purchase separate certificates for each site. This approach would help save costs and simplify certificate management for the multiple websites. Additionally, users would still be able to notify the security engineer of any on-path attacks as the wildcard certificate would ensure secure connections to all websites.
upvoted 2 times
...
saucehozz
11 months ago
Selected Answer: A
A. Covers multiple domains and subdomains
upvoted 2 times
...
c0ffad1
11 months ago
Selected Answer: A
A. Purchase one SAN certificate is the best choice as it directly addresses the need for a comprehensive and cost-effective solution to protect all the specified websites under one certificate, with formal recognition and trust from clients’ systems. This simplifies management, reduces costs, and provides a robust security solution compliant with industry standards.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago