CompTIA Security+ (SY0-501) — Question 341

A security analyst is hardening a web server, which should allow a secure certificate-based session using the organization's PKI infrastructure. The web server should also utilize the latest security techniques and standards. Given this set of requirements, which of the following techniques should the analyst implement to
BEST meet these requirements? (Choose two.)

Answer options

• A. Install an X- 509-compliant certificate.
• B. Implement a CRL using an authorized CA.
• C. Enable and configure TLS on the server.
• D. Install a certificate signed by a public CA.
• E. Configure the web server to use a host header.

Correct answer: A, C

Explanation

Installing an X-509-compliant certificate and enabling TLS are essential to create secure, certificate-based sessions that align with current standards. While implementing a CRL and using a public CA certificate may contribute to security, they do not directly address the requirement for the latest security techniques as effectively as TLS does.