CompTIA Security+ (SY0-501) — Question 72

The chief security officer (CS0) has issued a new policy that requires that all internal websites be configured for HTTPS traffic only. The network administrator has been tasked to update all internal sites without incurring additional costs.
Which of the following is the best solution for the network administrator to secure each internal website?

Answer options

• A. Use certificates signed by the company CA
• B. Use a signing certificate as a wild card certificate
• C. Use certificates signed by a public ca
• D. Use a self-signed certificate on each internal server

Correct answer: A

Explanation

Using certificates signed by the company CA is the best solution because it ensures that the internal sites are trusted within the organization without incurring additional costs. The other options, such as public CA certificates, may involve fees, while wildcard certificates and self-signed certificates do not offer the same level of trust and could lead to security warnings.