Palo Alto Networks Certified Network Security Engineer (PCNSE) — Question 52
Which two methods can be configured to validate the revocation status of a certificate? (Choose two.)
Answer options
- A. CRL
- B. CRT
- C. OCSP
- D. Cert-Validation-Profile
- E. SSL/TLS Service Profile
Correct answer: A, C
Explanation
CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol) are both established methods for checking the revocation status of certificates. CRT is not a valid method for revocation validation, and while Cert-Validation-Profile and SSL/TLS Service Profile are related to certificate management, they do not directly serve as revocation validation methods.