A security administrator must implement a system to ensure that invalid certificates are not used
by a custom developed application. The system must be able to check the validity of certificates
even when internet access is unavailable. Which of the following MUST be implemented to
support this requirement?

A.
CSR

B.
OCSP

C.
CRL

D.
SSH