CompTIA CASP+ Practice Test 2025 - Free CASP+ Practice Questions and Study Guide

The correct answer is B, OCSP (Online Certificate Status Protocol). This method allows clients to query a single server to determine the status of a specific digital certificate. When a client needs to validate a certificate, it sends a request to the OCSP server, which responds with the current status of the certificate, indicating whether it is valid, revoked, or unknown.

Using OCSP is efficient because it minimizes the amount of data that needs to be transferred and enables real-time status checks instead of relying on potentially outdated information. Unlike a CRL (Certificate Revocation List), which requires the client to download and check a list of all revoked certificates, OCSP provides immediate feedback on specific certificates, making it a more responsive solution for certificate validation.

LDAP (Lightweight Directory Access Protocol) is primarily used for accessing and managing directory information and does not serve as a certificate validation mechanism. PKI (Public Key Infrastructure) is a framework that encompasses various components, including certificate authorities and the protocols for validating certificates, but it does not represent a specific method for validation by itself. Thus, OCSP stands out as the method specifically designed for querying a single server about a certificate's status.