CompTIA CASP+ (CAS-004) — Question 635

Some end users of an e-commerce website are reporting a delay when browsing pages. The website uses TLS 1.2. A security architect for the website troubleshoots by connecting from home to the website and capturing traffic via Wireshark. The security architect finds that the issue is the time required to validate the certificate. Which of the following solutions should the security architect recommend?

Answer options

• A. Adding more nodes to the web server clusters
• B. Changing the cipher algorithm used on the web server
• C. Implementing OCSP stapling on the server
• D. Upgrading to TLS 1.3

Correct answer: C

Explanation

The correct answer, C, is effective because OCSP stapling reduces the time spent validating certificates by allowing the server to present a cached response from the certificate authority. Option A does not address the certificate validation issue, B changes the encryption method but does not solve the delay, and D, while beneficial for other reasons, does not specifically target the certificate validation time problem.