Exam SY0-501 topic 1 question 575 discussion

B. SSL/TLS Puts the "S" in HTTPS

Wildcard certificates would be like *.google.com. This would then be valid for ALL subdomains such as ftp.google.com, mail.google.com, etc. You cannot elect to omit select servers. The certificate will always include ALL of them. A Subject Alternate Name (or SAN) certificate can be used to secure dis-similar domains (e.g. hand.com, feet.com, etc.) This question requires us to omit certain websites, so I don't believe 'D' (wildcard certificate) is the correct answer. Both 'A' and 'C' are also obviously wrong, leaving us with 'B' as the correct answer. With multiple host certificates, you can secure each website individually as needed.

Key word multiple websites using host header means use one certificate for all subdomains so answer is D wildcard

The question is asking about which option we use to ENCRYPT web traffic. Seems like the only choice that has something to do with encryption is probably TLS (B), although I'm not sure what's the point of this question and haven't seen the TLS host certificate mentioned in any of my study materials.

I will go with D... Why? Becuse it is only answer provided which is covering more than one website... SAN certificate wouldbe also optionbut it ia not on the list ofanswers... Website is any URL with unique (sub)domain... Mail.google.com is one site, play.google.com is another, drive.google.com is another one and so on...

D. I would pick. https://techcommunity.microsoft.com/t5/iis-support-blog/hosting-multiple-websites-ip-or-host-headers/ba-p/287806

Agreed with NotMyName. Wildcard certificates like *google.com provide validation for payment.google.com, mail.google.com, etc. Wildcard certs are used for SUBDOMAINS. The question just says websites not subdomains. Going with B on real exam

It seems that's there's multiple SSL/TLS Certificates: Single-domain, Wildcard, Multi-domain. Then, there are 3 types of SSL/TLS certificate VALIDATION: Domain, Organization, Extended. Since the question is asking about encryption, we are left with two possible answers - TLS host certificate and wildcard certificate. Wildcard certificate seems to be the more specific answer, but it doesn't say "Wildcard TLS/SSL Certificate". Is that why the answer is B? Moreover, does the implementation of multiple websites using the same host header on the same server mean we are talking about an entire domain with its subdomains?

Agreed: Answer D. Normally we have a specified domain name for outside users to connect to. Other times we may need to break it down into multiple server names or sub domains that change parts of the URL. For example a certificate for *.google.com could be used on mail.google.com, photos.google.com, etc. This fits the requirements and I havent found a source to explain how a TLS host certificate would be better.

I agree with SimonR2. The answer should be D. Wildcard certificate. ... HTTP certificates typically are issued to specific URLs. For example, my company has one certificate for the www.totalsem.com Web site and a second certificate for our portal, hub.totalsem.com. We purchased the two certificates at different times and from different CAs (Figure 8-29). Wildcard certificates apply to a whole domain, rather than a specific URL. If we purchased a wildcard certificate for totalsem.com, every subdomain we create will use that certificate. This sounds great, right? We would need to purchase a single certificate to secure www.totalsem.com and hub.totalsem.com, two subdomains of totalsem.com. ... (Mike Meyers’ CompTIA Security+ p. 460-461)

I’m not sure this is the correct. The question says “multiple sites” as usual there isn’t enough information. Depending on what hosts the certificate covers we might need a wildcard cert?