CompTIA Security+ (SY0-501) — Question 242

Attackers have been using revoked certificates for MITM attacks to steal credentials from employees of Company.com.
Which of the following options should Company.com implement to mitigate these attacks?

Answer options

• A. Captive portal
• B. OCSP stapling
• C. Object identifiers
• D. Key escrow
• E. Extended validation certificate

Correct answer: B

Explanation

OCSP stapling allows a server to check the revocation status of its certificates more efficiently, which helps prevent the use of revoked certificates in MITM attacks. The other options do not directly address the issue of certificate revocation and may not provide the necessary protection against such attacks.