Free CompTIA PenTest+ PT0-002 Practice Question
During a passive reconnaissance mission, you discover that the secure communication certificate used by the target organization's web server has been invalidated. Which option should you choose to most authoritatively confirm the current status of this certificate?
Employ an automated scanning tool to analyze the server's encryption protocols and identify any invalidations.
Inspect the browser's security panel while accessing the website for any security warnings.
Use the Online Certificate Status Protocol (OCSP) to verify the current status directly from the issuing authority.
Conduct a WHOIS domain lookup to see if there is any mention of certificate invalidation.
This question's topic:
CompTIA PenTest+ PT0-002 /
Information Gathering and Vulnerability Scanning
SAVE $49