A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA.
The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide.
Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The BEST solution for the security administrator to implement to assist with this issue would be option B: CRL.
Explanation:
The alert indicates that a certificate has been hijacked at the root of a small public CA. This means that an attacker has gained access to the private key of the CA and can use it to issue fraudulent certificates that appear to be valid. The certificate may have been installed in the browser, allowing the attacker to intercept and manipulate secure communication.
To mitigate this issue, the security administrator should revoke the compromised certificate as soon as possible. The most efficient way to do this is by using a Certificate Revocation List (CRL), which is a list of revoked certificates that is maintained by the CA. When a browser attempts to establish a secure connection with a website, it checks the certificate presented by the site against the CRL to make sure it has not been revoked.
Implementing SSL (Secure Sockets Layer) would not help with this issue, as SSL is a protocol used to encrypt communication between a web server and a browser. It does not address the problem of a compromised certificate.
PKI (Public Key Infrastructure) is a framework used to manage digital certificates and keys. While it is important for securing communication, it does not provide a specific solution for revoking compromised certificates.
ACL (Access Control List) is a mechanism used to restrict access to resources based on a set of rules. It is not relevant to this issue as it does not provide a solution for revoking compromised certificates.