Exam PT0-002 topic 1 question 11 discussion

Generate a Certificate Signing Request (CSR): This step is the first step in the process of obtaining a new certificate. The CSR is a file that contains information about the website and the organization that operates it, as well as a public key. This file is then sent to a Certificate Authority (CA) to request a new certificate. Submit CSR to the CA: Once the CSR is generated, it is sent to the chosen CA. The CA will then validate the information in the CSR and issue a new certificate. Install re-issued certificate on the server: Once the new certificate is issued, it needs to be installed on the server. This step ensures that the new certificate is properly configured and can be used to secure the website. Remove certificate from server: After the new certificate is installed, the old certificate needs to be removed from the server to avoid any confusion or security issues.

An expired cert still has the public key and can complete the TLS handshake. I trouble shoot cert issues at work all the time so that definitely isn't a vulnerability. Look at the HTML. The username and password are commented out. Who cares about cookies and a secure connection when you can have access to the admin account. lol

Can anyone explain why the ASP.net cookie is bad?

Heads up: THIS question was asking the test taker to remediate the MOST vulnerable thing. Comptia has deemed the certificate as the most vulnerable thing. HOWEVER, watch the wording because some students have reported being asked to remediate all 3! Good luck, guys!

#remediatecertificate Step 1: Generate Certificate Signing Request Step 2: Submit CSR to the CA - Step 3: Install re-issued certificate on the server Step 4: Remove certificate from the server

The way this question is worded, it seems to have 2 parts. Part 1: Which is the highest vulnerability? Part 2: Remediate the vulnerability. For Part 1, everyone is assuming the expired certificate is the greater vulnerability, but I think having admin credentials in the source code of the web page is a much greater vulnerability than an expired certificate. The expired cert is definitely bad, but giving out admin credentials is so much worse. So getting rid of the commented admin and password lines should be the remediation. If you think a certificate is more important than admin rights to the website, by all means, choose this option, but I'll be going with the more severe vulnerability.

Surely the Secure system box needs some input too? It looks to me as though there are checkboxes on the solution picture but nothing is ticked

Note, there are 3 distinct labs here. Look at question #168 for the full display. People are only answering the first part.

Step 1 - Generate a Certificate Signing Request Step 2 - Submit CSR to the CA Step 3 - Install re-issued certificate on the server Step 4 - Remove Certificate from Server https://www.examtopics.com/discussions/comptia/view/53668-exam-pt0-001-topic-1-question-142-discussion/

There is a misalagment between what you guys suggest in step 3 - 4 and the suggested answer. Step 3 Install Step 4 Remove. But it makes sense to do the opposite: remove the certificate first then install the new one

Step 1 - Generate a Certificate Signing Request Step 2 - Submit CSR to the CA Step 3 - Install re-issued certificate on the server Step 4 - Remove Certificate from Server