CompTIA CASP+ (CAS-004) — Question 228
A software development company is building a new mobile application for its social media platform. The company wants to gain its users’ trust by reducing the risk of on-path attacks between the mobile client and its servers and by implementing stronger digital trust. To support users’ trust, the company has released the following internal guidelines:
• Mobile clients should verify the identity of all social media servers locally.
• Social media servers should improve TLS performance of their certificate status.
• Social media servers should inform the client to only use HTTPS.
Given the above requirements, which of the following should the company implement? (Choose two.)
Answer options
- A. Quick UDP internet connection
- B. OCSP stapling
- C. Private CA
- D. DNSSEC
- E. CRL
- F. HSTS
- G. Distributed object model
Correct answer: B, F
Explanation
The correct answers are B and F. With OCSP stapling, the server obtains the CA-signed status of its own certificate and delivers it to the client during the TLS handshake, so the client can verify the server's identity locally without contacting the CA's OCSP responder, which improves TLS performance. HSTS has the server instruct the client to connect only over HTTPS, ensuring secure communication and protecting against man-in-the-middle attacks. The other options do not directly address the requirements for enhancing trust and security between the mobile client and the servers.