Examice

Exam CAS-004 All QuestionsBrowse all questions from this exam

Question 410

A cloud security engineer is setting up a cloud-hosted WAF. The engineer needs to implement a solution to protect the multiple websites the organization hosts. The organization websites are:

• www.mycompany.org

• www.mycompany.com

• campus.mycompany.com

• wiki.mycompany.org

The solution must save costs and be able to protect all websites. Users should be able to notify the cloud security engineer of any on-path attacks. Which of the following is the best solution?

Purchase one SAN certificate.

Implement self-signed certificates.

Purchase one certificate for each website.

Purchase one wildcard certificate.

Correct Answer: D

Discussion

saucehozzOption: A

The organization websites have .net and .org TLDs. A SAN certificate will cover multiple TLDs.

AGUDLPOption: A

There should be a typo at the A option: It should be like: The best solution in this case would be A. Purchase one certificate with multiple Subject Alternative Names (SANs).

armidOption: A

multiple domains mean SAN, single domain with multiple subdomains mean wildcard

loucrassOption: D

D. Purchase one wildcard certificate. Chat GPT gave me this answer

saucehozz

Read the question carefully. Wildcard doesn't doesn't cover more than one TLD, e.g, ORG, NET, COM

gunjack83Option: D

Purchasing one wildcard certi fi cate is the best soluti on to protect multi ple websites hosted by an organizati on in acloud-hosted WAF. A wildcard certi fi cate is a type of SSL/TLS certi fi cate that can secure a domain name and anynumber of its subdomains with a single certi fi cate. For example, a wildcard certi fi cate for *.mycompany.com cansecure www.mycompany.com, campus.mycompany.com, and any other subdomain under mycompany.com. Awildcard certi fi cate can save costs and simplify management compared to purchasing individual certi fi cates foreach website.

cf13076Option: D

D. Purchase one wildcard certificate. In this scenario, where the organization hosts multiple websites under different subdomains, purchasing a wildcard certificate would be the best solution. A wildcard certificate allows secure connections for multiple subdomains under the same domain using a single certificate. By using a wildcard certificate, the cloud security engineer can secure all websites hosted by the organization (www.mycompany.org, www.mycompany.com, campus.mycompany.com, wiki.mycompany.org) without the need to purchase separate certificates for each site. This approach would help save costs and simplify certificate management for the multiple websites. Additionally, users would still be able to notify the security engineer of any on-path attacks as the wildcard certificate would ensure secure connections to all websites.

saucehozzOption: A

A. Covers multiple domains and subdomains

c0ffad1Option: A

A. Purchase one SAN certificate is the best choice as it directly addresses the need for a comprehensive and cost-effective solution to protect all the specified websites under one certificate, with formal recognition and trust from clients’ systems. This simplifies management, reduces costs, and provides a robust security solution compliant with industry standards.