Which two methods can be configured to validate the revocation status of a certificate? (Choose two.)
Which two methods can be configured to validate the revocation status of a certificate? (Choose two.)
The two methods that can be configured to validate the revocation status of a certificate are CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol). CRL is a list of certificates that have been revoked by the Certificate Authority before their expiration date, and OCSP is a protocol used for obtaining the revocation status of a digital certificate. Both of these methods are widely used in public key infrastructures to ensure that compromised or invalid certificates are not trusted.
https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/certificate-management/certificate-revocation.html#idaa3aa4f6-4791-4dbb-b834-58c22e208be8
yes A-C are correct
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certificate-management/certificate-revocation
To verify the revocation status of certificates, the firewall uses Online Certificate Status Protocol (OCSP) and/or certificate revocation lists (CRLs).
https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certificate-management/set-up-verification-for-certificate-revocation-status
A and C correct