An older web server on a screened subnet is serving unencrypted web traffic. The server is not capable of serving HTTPS traffic directly, but the firewall is capable of doing so. Which of the following should be done to encrypt all traffic coming into the web server from outside the network? (Choose two.)
To encrypt all traffic coming into the web server from outside the network, the correct steps involve installing a certificate on the firewall and forwarding incoming port 443 (HTTPS) traffic to port 80 (HTTP) on the server. Installing the certificate on the firewall ensures that the firewall can handle the encryption and decryption of HTTPS traffic, providing the necessary encryption for incoming traffic. Forwarding port 443 traffic to port 80 on the server allows the firewall to decrypt the HTTPS traffic and then forward the unencrypted HTTP traffic to the server, enabling the server to handle it even though it cannot serve HTTPS traffic directly.
To encrypt all traffic coming into the web server from outside the network, the following steps should be taken: Install a certificate on the firewall: The firewall should be configured to handle the encryption and decryption of HTTPS traffic. This involves installing a valid SSL/TLS certificate on the firewall to secure the incoming web traffic. Incoming port 80 traffic at the firewall should be forwarded to port 443 on the server: Since the web server is not capable of serving HTTPS traffic directly, incoming HTTP (port 80) traffic should be forwarded to port 443 (HTTPS) on the server by the firewall. This allows the firewall to handle the encryption and forward the secure traffic to the web server.
gpt: A. A certificate should be installed on the server. B. Incoming port 80 traffic at the firewall should be forwarded to port 443 on the server. Explanation: Install a certificate on the server (A): Even though the server cannot serve HTTPS traffic directly, you can install a certificate on the server to handle the encryption once the traffic reaches it. Forward port 80 traffic to port 443 at the firewall (B): Since the server cannot handle HTTPS traffic directly, the firewall can be configured to forward incoming port 80 (HTTP) traffic to port 443 (HTTPS) on the server, where the encryption can be applied. These measures allow encryption to be implemented at the firewall, even if the web server itself cannot handle HTTPS traffic directly.
It would be uncommon these days to expect web users to connect to your web server over an un-encrypted internet connection i.e http. I'm going with D and E.
B and E
I feel like its B over D because incoming port 80 (HTTP) traffic at the firewall should be forwarded to port 443 (HTTPS) on the server. This ensures that all HTTP traffic coming into the network is redirected to the HTTPS port (443) on the server, where the firewall can handle encryption.
Your idea is correct, but you read B and D backwards: B. Incoming port 80 traffic at the firewall should be forwarded to port 443 on the server.