A development team has been testing a web server on a virtual server to create a web application. Once satisfied, the development team clones the entire virtual server into production. The development team needs to use HTTP, HTTPS, and SSH to connect to the new server. Which of the following should the network administrator do to help secure this new production VM? (Choose two.)
To secure the new production VM, it is important to generate new SSH host keys to ensure the connections are unique and secure, and to remove unnecessary testing accounts to prevent unauthorized access. Generating new SSH host keys helps prevent man-in-the-middle attacks, while removing unnecessary testing accounts mitigates the risk of using default or weak credentials left over from the development phase.
Cd. You don’t use self signed for production web apps
YOU CAN USE
self signed ?
It's because a self-signed certificate gives SSL protection, so it does fit the criteria of securing the VM
I'm guessing because the server is cloned, you need a new certificate. Though self-signed isn't ideal, it does not state that the production server is a public-facing server. Maybe it's an internal webserver. For internal servers self-signed certificates are okay.
Self signed certs will fail a PCI compliance scan...
CE is right. I'm guessing the question is asking how to secure the VM WHILE in production. Self-signed is often used in non-production environment.