CySA+ CS0-001 – Q. 317


A security analyst is running a routine vulnerability scan against a web farm. The farm consists of a single server acting as a load-balancing reverse proxy and offloads cryptographic processes to the backend servers. The backend servers consist of four servers that process the inquiries for the front end.

A web service SSL query of each server responds with the same output:

Connected (0x000003)
depth=0 /0=farm.company.com/CN=farm.company.com/OU=Domain Control Validated

Which of the following results BEST addresses these findings?

A. Advise the application development team that the SSL certificates on the backend servers should be revoked and reissued to match their hostnames
B. Notify the application development team of the findings and advise management of the results
C. Create an exception in the vulnerability scanner, as the results are false positives and can be ignored safely
D. Require that the application development team renews the farm certificate and includes a wildcard for the ‘local’ domain in the certificate SAN field
Correct Answer: