CompTIA CASP+ (CAS-004) — Question 163

A software developer is working on a piece of code required by a new software package. The code should use a protocol to verify the validity of a remote identity. Which of the following should the developer implement in the code?

Answer options

• A. RSA
• B. OCSP
• C. HSTS
• D. CRL

Correct answer: B

Explanation

The correct answer is OCSP, which stands for Online Certificate Status Protocol, and is specifically designed to check the validity of digital certificates in real-time. RSA is a cryptographic algorithm, HSTS is a web security policy mechanism, and CRL (Certificate Revocation List) is a list of certificates that have been revoked, but it doesn’t provide real-time validation like OCSP does.