Exam SY0-501 topic 1 question 169 discussion

certificated do not provide protectection , they provide validation

The answer should be A. SAN certificates by default doesn't offer EV. There's vendors like Digicert that do offer SAN certs with EV but this isn't a standard thing. B is wrong.

Answer A: The Subject Alternative Name field lets you specify additional host names (sites, IP addresses, common names, etc.) to be protected by a single SSL Certificate, such as a Multi-Domain (SAN) or Extend Validation Multi-Domain Certificate. https://www.digicert.com/faq/subject-alternative-name.htm

Answer is A! Extended validation certificate provides extended site validation See prof Messer's video https://www.youtube.com/watch?v=o5gAgmRjo6A

Wildcard - protects just one domain, multiple subdomains, and doesn't provide EV SAN - protects multiple domains, multiple subdomains and provides EV https://www.youtube.com/watch?v=dU-NedNmEfA

from the CompTia Security+ SY0-501 book Answer: A See page 715.

It is B. PLEASE READ PEOPLE, PLEASE READ: https://www.digicert.com/faq/subject-alternative-name.htm

It plainly says that it CANNOT protect Multiple Domains so A is incorrect, but it does say ALL subdomains....so this begs the question of "is ALL=UNLIMITED" in subdomains? It does specify that theses are top-level subdomains so how does this affect answer D?

From Digicert site The Subject Alternative Name field lets you specify additional host names (sites, IP addresses, common names, etc.) to be protected by a single SSL Certificate, such as a Multi-Domain (SAN) or Extend Validation Multi-Domain Certificate.Secure Host Names on Different Base Domains in One SSL Certificate: A Wildcard Certificate can protect all first-level subdomains on an entire domain, such as *.example.com. However, a Wildcard Certificate cannot protect both www.example.com and www.example.net. Virtual Host Multiple SSL Sites on a Single IP Address: Hosting multiple SSL-enabled sites on a single server typically requires a unique IP address per site, but a Multi-Domain (SAN) Certificate with Subject Alternative Names can solve this problem. Microsoft IIS and Apache are both able to Virtual Host HTTPS sites using Multi-Domain (SAN) Certificates. Greatly Simplify Your Server's SSL Configuration: Using a Multi-Domain (SAN) Certificate saves you the hassle and time involved in configuring multiple IP addresses on your server, binding each IP address to a different certificate, and trying to piece it all together.

Correct answer is A. What B is referring to is EV. SAN is for mulitple domains Source: messers video

Answer is "A". https://support.dnsimple.com/articles/what-is-ssl-san/

EV multi-domain certificates are also known as a Subject Alternative Name (SAN) certificate. They are considered special due to the owner's ability to validate multiple domains and subdomains with a single SSL certificate.

Based on Darril Gibson book, it seems the answer must be A: SAN. A Subject Alternative Name (SAN) is used for multiple domains that have different names, but are owned by the same organization. For example, Google uses SANs of *.google.com, *.android.com, *.cloud.google.com, and more. It is most commonly used for systems with the same base domain names, but different top-level domains.

I would say that correct answer is A based on information at https://knowledge.digicert.com/solution/SO9440

what a mess... if you don't want to rationalize your way into «B», then «A» is the straightforward answer.

Search Results Featured snippet from the web "EV" stands for Extended Validation. Extended Validation SSL Certificates are a new type of SSL Certificate which is intended to give users more confidence in who you are (the legal entity who has applied for the ssl certificate) and that you control/own your web site.

SAN specifies what SSL Certificates need to protect, but it does validate.