CompTIA SecurityX (CAS-005) — Question 14

A systems administrator at a web-hosting provider has been tasked with renewing the public certificates of all customer sites. Which of the following would best support multiple domain names while minimizing the amount of certificates needed?

Answer options

• A. OCSP
• B. CRL
• C. SAND. CA

Correct answer: C

Explanation

The correct answer, SAN (Subject Alternative Name) certificates, allows for multiple domain names to be covered under a single certificate, which simplifies management and reduces the total number of certificates needed. OCSP (Online Certificate Status Protocol) and CRL (Certificate Revocation List) are tools for managing certificate status, but they do not address the issue of consolidating multiple domains into fewer certificates.