CompTIA Security+ (SY0-601) — Question 570

A spoofed identity was detected for a digital certificate. Which of the following are the type of unidentified key and the certificate that could be in use on the company domain?

Answer options

• A. Private key and root certificate
• B. Public key and expired certificate
• C. Private key and self-signed certificate
• D. Public key and wildcard certificate

Correct answer: C

Explanation

The correct answer is C, as a private key combined with a self-signed certificate can create a situation where the identity is not verifiable. Options A and D involve public keys or root certificates that are generally recognized and valid, while option B refers to an expired certificate, which would not be suitable for establishing a secure connection.