单项选择题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2.
Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires.
You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain.
What should you do()
A.Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.
B.Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.
C.Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.
D.Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
相关考题
-
多项选择题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two task should you perform()
A.Publish the code signing template.
B.Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.
C.Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.
D.Modify the security settings on the template to allow only administrators to request code signing certificates. -
单项选择题
YouhavetwoserversnamedServer1andServer2.BothserversrunWindowsServer2008R2. Server1isconfiguredasanenterpriserootcertificationauthority(CA). YouinstalltheOnlineResponderroleserviceonServer2. YouneedtoconfigureServer1tosupporttheOnlineResponder. Whatshouldyoudo()
A.Import the enterprise root CA certificate.
B.Configure the Certificate Revocation List Distribution Point extension.
C.Configure the Authority Information Access (AIA) extension.
D.Add the Server2 computer account to the CertPublishers group. -
多项选择题
Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate Services (AD CS) is configured as a standalone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()
A.Configure auditing in the Certification Authority snap-in.
B. Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32%\CertSrv directory.
C.Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%\CertLog directory.
D.Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate Services (AD CS) server.
