nerdexam
CompTIA

CV0-003 · Question #198

A new browser version has been deployed to all users at a company. After the deployment, users report that they can no longer access the company's secure time-card system, which is hosted by a SaaS pr

The correct answer is C. Obsolete security technologies implemented on the SaaS servers. When a new browser version is deployed and users suddenly cannot access a previously working HTTPS site, while rolling back restores access, the root cause is almost always a protocol/cipher compatibility mismatch. Modern browsers progressively drop support for obsolete or deprec

Troubleshooting

Question

A new browser version has been deployed to all users at a company. After the deployment, users report that they can no longer access the company's secure time-card system, which is hosted by a SaaS provider. A technician investigates and discovers a security error is received upon opening the site. If the browser is rolled back to the older version, the site is accessible again. Which of the following is the MOST likely cause of the security error users are seeing?

Options

  • ASSL certificate expiration on the SaaS load balancers
  • BFederation issues between the SaaS provider and the company
  • CObsolete security technologies implemented on the SaaS servers
  • DUnencrypted communications between the users and the application

How the community answered

(41 responses)
  • A
    15% (6)
  • B
    2% (1)
  • C
    76% (31)
  • D
    7% (3)

Explanation

When a new browser version is deployed and users suddenly cannot access a previously working HTTPS site, while rolling back restores access, the root cause is almost always a protocol/cipher compatibility mismatch. Modern browsers progressively drop support for obsolete or deprecated security technologies - such as TLS 1.0, TLS 1.1, weak cipher suites (RC4, 3DES), or outdated certificate signature algorithms (SHA-1). If the SaaS provider's servers still rely on these obsolete protocols or ciphers to negotiate the secure connection, the new browser will refuse to connect and show a security error. The older browser still supports the legacy protocols, which is why the rollback restores access. Option A is incorrect because an expired certificate would have broken access on all browsers equally. Option B (federation) relates to identity/SSO issues, which would typically present as an authentication error, not a security/TLS error. Option D is wrong because the traffic is clearly still encrypted (HTTPS) - the error is about the negotiation of that encryption, not its absence.

Topics

#SSL/TLS compatibility#SaaS security#browser compatibility#obsolete security protocols

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice