In an effort to secure communication for an internal-facing web service, a system administrator has been tasked with implementing an encrypted connection protocol. External validation of the server's identity by outside entities is not a requirement due to the service being exclusively accessed within the organization. What is the most appropriate action for the administrator to undertake?
Activate encrypted connections without a certificate, as internal services do not require authentication.
Create and configure a certificate signed by the server's private key.
Rely on secure shell protocols for encrypted web traffic, circumventing the need for certificates.
Operate the web service without encryption since it is internally accessed and does not need protection.
Procure a domain-validated certificate and apply it to the web service.
Obtain and install a certificate from a recognized certificate authority.
The correct action is to generate a self-signed certificate because it allows the administrator to implement encryption for the web service without involving an external certificate authority (CA). This method is suitable for environments where trust is established by other means, such as within an organization where all clients accessing the service are controlled and can be configured to trust the self-signed certificate. The use of a self-signed certificate enables encrypted connections and ensures data privacy on the internal network.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a self-signed certificate and how does it work?
Open an interactive chat with Bash
Why is obtaining a certificate from a recognized Certificate Authority generally preferred for public services?
Open an interactive chat with Bash
What steps should be taken to create and deploy a self-signed certificate?