An application developer accidentally uploaded a company's code-signing certificate private key to a public web server. The company is concerned about malicious use of its certificate. Which of the following should the company do FIRST?
A. Delete the private key from the repository.
B. Verify the public key is not exposed as well.
C. Update the DLP solution to check for private keys.
We need to revoke the code-signing certificate as this is the most secure way to ensure that the compromised key won't be used by attackers. Usually there are bots crawling all over repos searching for this kind of human error.
In this scenario, the company's code-signing certificate private key has been exposed to the public, which is a significant security concern. The first and most critical step the company should take is to revoke the compromised code-signing certificate. By revoking the certificate, the company informs all parties that the certificate is no longer trustworthy and should not be used for signing applications or code.
After revoking the certificate, the company can then proceed with other necessary actions, such as verifying that the public key is not exposed, deleting the private key from the repository, and updating the Data Loss Prevention (DLP) solution to check for private keys. However, the immediate priority is to prevent the malicious use of the compromised certificate by revoking it as soon as possible.
In the scenario described, the company's code-signing certificate private key has been accidentally uploaded to a public web server. This poses a significant security risk as malicious actors could potentially use the private key to sign malicious code, impersonating the company. The first and most critical step the company should take is to revoke the code-signing certificate. By revoking the certificate, any code that was previously signed with it will no longer be trusted, and the risk of malicious use is mitigated.
After revoking the certificate, the company can take further actions such as deleting the private key from the repository, verifying the public key is not exposed, and updating the Data Loss Prevention (DLP) solution to check for private keys. However, the immediate priority is to revoke the certificate to prevent further damage or misuse.
MorganB
Passed my exam 27, April 23. This question was on my test, worded differently, but the answer is the same.
Revoke the certificate with a revocation authority, and go about getting a new one with a certificate authority.
upvoted 2 times
SY0-601 Exam Questions
stoneface Highly Voted 2 years, 10 months ago
ApplebeesWaiter1122 Highly Voted 1 year, 11 months ago
Salsa12 Most Recent 1 year, 1 month ago
LordJaraxxus 1 year, 4 months ago
cyberPunk28 1 year, 6 months ago
Protract8593 1 year, 11 months ago
MorganB 2 years, 2 months ago
DALLASCOWBOYS 2 years, 5 months ago
Sir_Learnalot 2 years, 7 months ago
Jossie_C 2 years, 8 months ago
RonWonkers 2 years, 9 months ago
Gravoc 2 years, 9 months ago