CompTIA CASP+ (CAS-004) — Question 581
A security architect must mitigate the risks from what is suspected to be an exposed private cryptographic key. Which of the following is the BEST step to take?
Answer options
- A. Revoke the certificate.
- B. Inform all the users of the certificate.
- C. Contact the company's Chief Information Security Officer.
- D. Disable the website using the suspected certificate.
- E. Alert the root CA.
Correct answer: A
Explanation
Revoking the certificate is the best action because it immediately invalidates the compromised key, preventing any unauthorized use. Informing users and contacting the CISO are important but do not directly mitigate the risk. Disabling the website is a temporary measure, and alerting the root CA does not provide immediate protection against the risk posed by the exposed key.