NSE 6 – FortiAuthenticator 6.4 — Question 14

Why would you configure an OCSP responder URL in an end-entity certificate?

Answer options

• A. To designate the SCEP server to use for CRL updates for that certificate
• B. To identify the end point that a certificate has been assigned to
• C. To designate a server for certificate status checking
• D. To provide the CRL location for the certificate

Correct answer: C

Explanation

Configuring an OCSP responder URL allows for real-time certificate status verification, which is essential for ensuring that the certificate is still valid. Option A is incorrect as it pertains to SCEP servers for CRL updates, while option B does not relate to status checking, and option D refers specifically to CRL locations rather than online status checking.