CompTIA
CAS-003 · Question #375
CAS-003 Question #375: Real Exam Question with Answer & Explanation
The correct answer is B: Implement TLS and require the client to use its own certificate during handshake.. TLS validation is usually done for the server. However, it can also be used validation both client
Question
A company's chief cybersecurity architect wants to configure mutual authentication to access an internal payroll website. The architect has asked the administration team to determine the configuration that would provide the best defense against MITM attacks. Which of the following implementation approaches would BEST support the architect's goals?
Options
- AUtilize a challenge-response prompt as required input at username/password entry.
- BImplement TLS and require the client to use its own certificate during handshake.
- CConfigure a web application proxy and institute monitoring of HTTPS transactions
- DInstall a reverse proxy in the corporate DMZ configured to decrypt TLS sessions.
Explanation
TLS validation is usually done for the server. However, it can also be used validation both client
Community Discussion
No community discussion yet for this question.