nerdexam
ExamsCAS-001Questions#383
CompTIA

CAS-001 · Question #383

CAS-001 Question #383: Real Exam Question with Answer & Explanation

The correct answer is A: The OCSP checks certificate status in real time. Certificate Revocation List (CRL) is one of the two common methods when using a public key infrastructure for maintaining access to servers in a network. Online Certificate Status Protocol (OCSP), a newer method, has superseded CRL in some cases. The CRL is a list of subscribers

Question

Which of the following statements are true about OCSP and CRL? Each correct answer represents a complete solution. Choose all that apply.

Options

  • AThe OCSP checks certificate status in real time
  • BThe CRL is a list of subscribers paired with digital certificate status.
  • CThe main limitation of CRL is the fact that updates must be frequently downloaded to keep the list
  • DThe CRL allows the authenticity of a certificate to be immediately verified.

Explanation

Certificate Revocation List (CRL) is one of the two common methods when using a public key infrastructure for maintaining access to servers in a network. Online Certificate Status Protocol (OCSP), a newer method, has superseded CRL in some cases. The CRL is a list of subscribers paired with digital certificate status. The list enumerates revoked certificates along with the reason for revocation. The dates of certificate issue, and the entities that issued them, are also included. The main limitation of CRL is the fact that updates must be frequently downloaded to keep the list current OCSP overcomes this limitation by checking certificate status in real time. The OCSP allows the authenticity of a certificate to be immediately

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice