CompTIA CASP+ (CAS-004) — Question 399

Employees are receiving certificate errors when visiting secure internet websites. A help desk technician reviews a sample of the certificates from various external websites and determines that an internal certificate with the name of the company’s proxy is present in the middle of the certificate chain. The help desk technician escalates the issue to the security team. Which of the following should the security team do next to resolve this issue?

Answer options

• A. Renew and redeploy the intermediate CA certificate.
• B. Contact the external websites about updating their certificates.
• C. Use Wireshark to analyze network traffic for potential malicious activities.
• D. Add the affected websites to the proxy's allow list.

Correct answer: A

Explanation

The correct answer is A because renewing and redeploying the intermediate CA certificate will ensure that the certificate chain is valid and trusted, resolving the certificate errors. Options B and D do not address the internal certificate issue, and option C focuses on network traffic analysis rather than resolving the certificate chain problem.