PrepAway - Latest Free Exam Questions & Answers

You need to minimize the amount of network bandwidth required to validate a certificate

Your network contains an Active Directory forest. All client computers run Windows 7.
The network contains a high-volume enterprise certification authority (CA).
You need to minimize the amount of network bandwidth required to validate a certificate.
What should you do?

A. Configure an LDAP publishing point for the certificate revocation list (CRL).

B. Configure an Online Certificate Status Protocol (OCSP) responder.

C. Modify the settings of the delta certificate revocation list (CRL).

D. Replicate the certificate revocation list (CRL) by using Distributed File System (DFS).

Explanation:
MS Press – Self-Paced Training Kit (Exam 70-640) (2nd Edition, July 2012) page 779
Online responder
This service is designed to respond to specific certificate validation requests through the
Online Certificate Status Protocol (OCSP). Using an online responder (OR), the system relying on PKI does
not need to obtain a full CRL and can submit a validation request for a specific certificate.
The online responder decodes the validation request and determines whether the certificate
is valid. When it determines the status of the requested certificate, it sends back an
encrypted response containing the information to the requester. Using online responders is
much faster and more efficient than using CRLs. AD CS includes online responders as a
new feature in Windows Server 2008 R2.

