CompTIA PenTest+ PT0-002 Practice Question
During a penetration test, you have determined that the SSL certificates used on a company's web server are self-signed and have been expired for 6 months. What would be the most appropriate recommendation to include in your report to improve their certificate management practices?
Request an exception from browsers' certificate warning lists to avoid security warnings about the self-signed certificates.
Implement a web application firewall (WAF) to secure the server and mitigate the need for a trusted certificate.
Replace self-signed certificates with certificates issued by a trusted Certificate Authority (CA), and implement a process to check and renew certificates before they expire.
Renew the self-signed certificates to extend their validity period so that users no longer receive security warnings.