A cybersecurity analyst discovered a private key that could have been exposed.
Which of the following is the BEST way for the analyst to determine if the key has been compromised?
A. HSTS
B. CRL
C. CSRs
D. OCSP
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
D
CSR – Certificate Signing Request; does nothing to determine if a key has been compromised, but is rather the start of the process to get a key. Answer is either CRL (certificate revocation list) or OCSP (Online Certificate Status Protocol). CRL is typically cached for faster check but OCSP would be a new query to the CA/intermediate CA.