Which of the following should the auditor recommend FIRST?

After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the

SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal
development servers use the same certificate. After installing the certificate on dev1.xyz.com, one
of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored.
Which of the following should the auditor recommend FIRST?

After connecting to a secure payment server at https://pay.xyz.com, an auditor notices that the

SSL certificate was issued to *.xyz.com. The auditor also notices that many of the internal
development servers use the same certificate. After installing the certificate on dev1.xyz.com, one
of the developers reports misplacing the USB thumb-drive where the SSL certificate was stored.
Which of the following should the auditor recommend FIRST?

A.
Generate a new public key on both servers.

B.
Replace the SSL certificate on dev1.xyz.com.

C.
Generate a new private key password for both servers.

D.
Replace the SSL certificate on pay.xyz.com.



Leave a Reply 0

Your email address will not be published. Required fields are marked *