🔥 3-day streak
CompTIA SecurityX (CAS-005)17 / 120
Question 17 of 120

A security engineer is standardizing how TLS certificates are requested for a fleet of application servers. Compliance requires that private keys never leave the host on which they will be used and cannot be exported or copied, even by an administrator. The engineer must define the certificate enrollment workflow. Which approach best satisfies this requirement while producing a valid certificate signing request (CSR)?

Reviewed for accuracy · Report an issueNext question