CompTIA Security+ (SY0-701) — Question 342

The private key for a website was stolen, and a new certificate has been issued. Which of the following needs to be updated next?

Answer options

• A. SCEP
• B. CRL
• C. OCSP
• D. CSR

Correct answer: B

Explanation

The Certificate Revocation List (CRL) needs to be updated to ensure that the old certificate, which was compromised along with the private key, is no longer trusted. SCEP, OCSP, and CSR do not directly address the need to revoke the old certificate, making them less relevant in this situation.