A product owner is working with a security engineer to improve the security surrounding certificate revocation, which is important for the clients using a web application. The organization is currently using a CRL configuration to manage revocation, but it is looking for a solution that addresses the reporting delays associated with CRLs. The security engineer recommends OCSP, but the product owner is concerned about the overhead associated with its use. Which of the following would the security engineer MOST likely suggest to address the product owner’s concerns?
A. Key escrow can be used on the WAF
B. S/MIME can be used in lieu of OCSP
C. Stapling should be used with OCSP
D. The organization should use wildcard certificates.
How to PASS CAS-004 in First Attempt?FULL Printable PDF and Software. VALID exam to help you PASS. |
 |
