CompTIA Security+ (SY0-501) — Question 706

An accountant is attempting to log in to the internal accounting system and receives a message that the website's certificate is fraudulent. The accountant finds instructions for manually installing the new trusted root onto the local machine. Which of the following would be the company's BEST option for this situation in the future?

Answer options

• A. Utilize a central CRL.
• B. Implement certificate management.
• C. Ensure access to KMS.
• D. Use a stronger cipher suite.

Correct answer: B

Explanation

Implementing certificate management ensures that the organization can efficiently handle and renew certificates, reducing the chances of fraudulent certificates in the future. A central CRL helps with revocation but does not address the management of certificates directly. Access to KMS is unrelated to certificate validity, and using a stronger cipher suite does not resolve issues with certificate authenticity.