CompTIA SecurityX (CAS-005) — Question 242

A software developer is working on a piece of code required by a new software package. The code should use a protocol to verify the validity of a remote identity. Which of the following should the developer implement in the code?

Answer options

• A. RSA
• B. OCSP
• C. HSTS
• D. CRL

Correct answer: B

Explanation

The correct answer is B, OCSP (Online Certificate Status Protocol), as it is specifically designed to check the revocation status of digital certificates in real-time. RSA is an encryption algorithm, HSTS relates to secure web connections, and CRL (Certificate Revocation List) provides a list of revoked certificates but does not offer real-time verification like OCSP does.