In an effort to secure communication for an internal-facing web service, a system administrator has been tasked with implementing an encrypted connection protocol. External validation of the server's identity by outside entities is not a requirement due to the service being exclusively accessed within the organization. What is the most appropriate action for the administrator to undertake?
Operate the web service without encryption since it is internally accessed and does not need protection.
Create and configure a certificate signed by the server's private key.
Rely on secure shell protocols for encrypted web traffic, circumventing the need for certificates.
Obtain and install a certificate from a recognized certificate authority.
The correct action is to generate a self-signed certificate because it allows the administrator to implement encryption for the web service without involving an external certificate authority (CA). This method is suitable for environments where trust is established by other means, such as within an organization where all clients accessing the service are controlled and can be configured to trust the self-signed certificate. The use of a self-signed certificate enables encrypted connections and ensures data privacy on the internal network.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a self-signed certificate?
Open an interactive chat with Bash
Why is a self-signed certificate suitable for internal services?
Open an interactive chat with Bash
How does a certificate signed by a certificate authority differ from a self-signed certificate?