Exam CV0-003 topic 1 question 14 discussion

The MOST likely cause of the issue is that the cloud web server is using strong ciphers that are not supported by older browsers. Strong ciphers provide a higher level of security but are often not supported by older browsers, which can lead to connection issues. To resolve the issue, the systems administrator can configure the cloud web server to support weaker ciphers that are compatible with older browsers.

TLS Cipher Suites: The most likely cause of this issue is that the cloud web server is using stronger or more modern TLS cipher suites that are not supported by older browsers or older operating systems. Modern browsers and OS versions tend to support the latest security standards, while older versions may lack support for newer or more secure ciphers. This could be especially true if the server is using TLS 1.2 or TLS 1.3 with advanced cipher suites, which might not be supported by older browsers or operating systems. These older versions may only support weaker ciphers or older versions of TLS like TLS 1.0 or TLS 1.1, which are now considered insecure.

After AI Review, I am changing my answer to "C" I spent some time reviewing my initial response to this question, and doing some google research as well. So I m finally leaning towards option "C" Using a self-signed TLS certificate, common connection issues include: browser warning pop-ups alerting users about the untrusted certificate, potential for Man-in-the-Middle (MITM) attacks due to lack of trust validation, difficulty connecting to services that require trusted certificates, and user hesitation to proceed due to the security warnings displayed by their browser; essentially, any situation where a user's device cannot verify the authenticity of the certificate, leading to potential security concerns and disruption of the connection.

After a careful examination of the question, I think option D is the correct answer.

I understand why C is what it's looking for. The question says that the only change was the server moving from internal to public. If it was a TLS version issue, they should've seen it when they were internal too. That crosses out D making C the only "possible" answer.

The most likely cause of the issue based on the provided information is: C. The cloud web server is using a self-signed certificate that is not supported by older browsers. Older operating systems and browsers might not support or trust self-signed certificates, causing them to fail in establishing a secure connection with the web server. This issue would result in the inability of users on older OS versions to load the application home page despite having the same TLS certificate.

It's obviously C. So many people seem to have missed the memo on self-signed certificates. To host something on the web you need a PUBLIC CA to issue your certificate for it to be trusted. Since they were using the same certificate as when they had it running internally only... then its self-signed. The cipher thing is stupid. you really think everyone is running out of date browsers? come on, question the obvious. This is obviously a self-signed certificate issue.

The MOST likely cause of the issue where only internal users with newer OS versions can load the application home page in a TLS-encrypted connection is: **D. The cloud web server is using strong ciphers that are not supported by older browsers.** Here's why: TLS (Transport Layer Security) connections involve encryption and decryption processes that rely on cryptographic ciphers. Older web browsers or OSs may not support the latest, most secure cryptographic ciphers due to security updates and compatibility issues.

Strong ciphers

I agree with C, the server is using the same TLS certificate both internally and externally. Regardless if the site was used internally or externally, the question states the same certificate was used.

This seems like an obvious answer.

The MOST likely cause of the issue is that the cloud web server is using strong ciphers that are not supported by older browsers (Option D). TLS is a protocol that encrypts data transmitted over the internet. When a client (such as a web browser) connects to a server (such as a web server), the two parties negotiate the encryption protocol and cipher that will be used for the connection. If the client and server do not support the same encryption protocols and ciphers, the connection will fail. In this scenario, it is likely that the cloud web server is using strong ciphers that are not supported by older browsers. This would cause the connection to fail for internal users who are using older versions of the OSs.

Answer is D

ANSWER MUST BE D, no doubts, met the same scenario before

D, I agree with bx88 statement.

Answer is D The firewall policies should NOT have any impact in this scenario. If the policies block inbound or outbound traffics, users could not even access the application while it was hosted on-prem. Since the new web server and has the same TLS certificate as the internal application that is deployed, certificate is less likely the cause of the issue. If the web server is using strong ciphers that are not supported by older browsers (for example - the web server requires AES 256 bits while the old browser supports 128 and 192 bits only), the users using old browsers could not access the page. This is the most likely cause of the issue.

Answer is D