PrepAway - Latest Free Exam Questions & Answers

4 Comments on “Which of the following should be implemented?

    1. Dominus says:

      I could be wrong but you would need to download the CRL, but you won’t be able to do so if the AC is offline. OCSP on the other hand, OCSP stabling eliminates the need for a browser to request the OCSP response directly from the CA.

      I believe the provided answer is correct.


  1. Curly says:

    After thinking about it and reading the question again, it says “Publicly trusted certificates” and to get those certificates you would have to download then into your CRL which is accessible while there is no internet. So technically yes it would be from the OCSP.



Leave a Reply