A security administrator needs a locally stored record to remove the certificates of a terminated employee.
Which of the following describes a service that could meet these requirements?
A.
OCSP
B.
PKI
C.
CA
D.
CRL
Explanation:
A CRL is a locally stored record containing revoked certificates and revoked keys.
I don’t understand why it’s not OCSP:
http://searchsecurity.techtarget.com/definition/OCSP
https://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol