CompTIA CASP+ (CAS-004) — Question 392

An organization needs to disable TLS 1.0 on a retail website. Which of the following best explains the reason for this action?

Answer options

• A. Payment card industry compliance requires the change.
• B. Digital certificates are dependent on a newer protocol.
• C. Most browser manufacturers are ending legacy support.
• D. The application software no longer supports TLS 1.0.

Correct answer: A

Explanation

The correct answer is A, as compliance with the Payment Card Industry Data Security Standards mandates the use of secure protocols, and TLS 1.0 is considered outdated and insecure. Options B and D are incorrect because digital certificates can still function without relying on TLS 1.0, and many applications can still support TLS 1.0 despite it being phased out. Option C is partially true, but the primary reason is compliance with industry standards.