Exam CS0-003 topic 1 question 81 discussion

Self-signed certificates are not issued by a trusted third-party certificate authority, which can lead to trust issues for users' web browsers. When users visit a website with a self-signed certificate, they often receive security warnings and may be prompted to confirm if they want to proceed, as the browser cannot verify the authenticity of the certificate. However, this error should also have occurred before the malware attack. Users should be aware of this error and know how to act and the reason why it occurs. The question is poorly formulated

Some of ya'll have never had to deal with web developers on their own program before... The answer is D. They forgot to issue the domain's certificate to the server before putting it back into production. Not every issue/error = malware.

Correct Answer: D. The digital certificate on the web server was self-signed. Analysis: A self-signed certificate on a web server can cause trust issues because it is not issued by a trusted Certificate Authority (CA). When users visit the website, their browsers will warn them that the site cannot be trusted, leading to the issues reported. Explanation of Other Options: A. The server was configured to use SSL to securely transmit data: Using SSL/TLS is a good practice for secure transmission, but this alone does not cause trust issues unless the certificate is invalid. B. The server was supporting weak TLS protocols for client connections: While supporting weak protocols can be a security risk, it does not directly cause the site to be marked as untrusted by browsers. C. The malware infected all the web servers in the pool: This would cause functionality or security issues but does not specifically relate to trust warnings from browsers.

C is the correct answer because sites are not being trusted from a third-part certificate have nothing to do with a malware outbreak

If one server in a pool was infected with malware and then rebuilt and re-added without ensuring that the other servers were clean, it’s possible that the malware spread to the other servers, leading to trust issues with the website. Users may perceive the site as untrustworthy if any of the servers are still compromised.

I haven't encountered a malware that would cause this kind of error, except for untrusted CA or self-signed certificates.

Keep in mind the following, they do not say all users.... server was rebuilt, but was not given correct cert afterwards, this can happen. Once again if malware were to spread to the rest of the servers, this would occur before it was rebuilt and added back in poo, not afterwards as after it was rebuilt, the malware was no more....

"could not be trusted." Which is a certificate issue. There is no mentioned of AV flagging the website as being compromised.

Read the question... "after the server was rebuilt" If the malware affected the other systems, the effects would have been noticed before it was rebuilt, not after...

Hard to choose between C and D, but I think C has the upper hand. As Kmordalv stated, the trusted site error should have been present before the malware incident. The question, however, does not provide any indication this was the case. The most logical and straightforward answer given the details we are provided is that reintroducing the server back into the pool spread the malware to the other servers.

1. A single virtual server in a pool of webservers was infected... 2. The server was rebuilt and added back to the server pool 3. Users reported issues = the site can't be trusted The most likely cause of this event was C) all of the servers are now infected

Certificates are for authentication. All web servers in the pool were affected.