网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You need to design a PKI for Litware, Inc. What should you do?()
- A、Add one offline stand-alone root certificate authority(CA).Add two online enterprise subordinate CAs
- B、Add one online stand-alone root certification authority(CA).Add two online enterprise subordinate CAs
- C、Add one online enterprise root certification authority CA).Add one offline enterprise subordinate CA
- D、Add one online enterprise root certification authority(CA).Add two online enterprise subordinate CAs
参考答案
更多 “You need to design a PKI for Litware, Inc. What should you do?()A、Add one offline stand-alone root certificate authority(CA).Add two online enterprise subordinate CAsB、Add one online stand-alone root certification authority(CA).Add two online enterprise subordinate CAsC、Add one online enterprise root certification authority CA).Add one offline enterprise subordinate CAD、Add one online enterprise root certification authority(CA).Add two online enterprise subordinate CAs” 相关考题
考题
You need to design a PKI solution that meets business and security requirements. What should you do?()A、Implement an enterprise root CA in the corp.woodgrovebank.com domain.Implement subordinate CAs in each child domain. Take the root CA offlineB、Implement an enterprise root CA in the corp.woodgrovebank.com domainC、Implement an enterprise root CA in each of the child domains. Take the enterprise CA in each domain offlineD、Implement an enterprise root CA in the corp.woodgrovebank.com domain. Implement a stand-alone root CA in each of the child domains
考题
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA. The Enterprise certification authority is running Windows Server 2008 R2. You need to ensure users are able to enroll new certificates. What should you do()A、Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB、Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC、Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D、Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.
考题
Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) role, you find that the Enterprise CA option is not available. You need to install the AD CS role as an Enterprise CA. What should you do first()A、Add the DNS Server role.B、Join the server to the domain.C、Add the Web server (IIS) role and the AD CS role.D、Add the Active Directory Lightweight Directory Service (AD LDS) role.
考题
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A、an account that is a member of the Certificate Publishers group in the child domainB、an account that is a member of the Certificate Publishers group in the forest root domainC、an account that is a member of the Schema Admins group in the forest root domainD、an account that is a member of the Enterprise Admins group in the forest root domain
考题
Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) server role, you find that the Enterprise CA option is not available. You need to install the AD CS server role as an Enterprise CA. What should you do first()A、Add the DNS Server server role.B、Join the server to the domain.C、Add the Web Server (IIS) server role and the AD CS server role.D、Add the Active Directory Lightweight Directory Services (AD LDS) server role.
考题
You need to design phase one of the new authentication strategy. Your solution must meet business requirements.What should you do?()A、Install a Windows Server 2003 enterprise root CA, Configure certificate templates for autoenrollmentB、Install a Windows Server 2003 enterprise subordinate CA, Configure certificate templates for autoenrollmentC、Install a Windows Server 2003 stand-alone subordinate CA, Write a logon script for the client computers in the HR department that contains the Certreq.execommandD、Install a Windows Server 2003 stand-alone root CA,Write a logon script for the client computers in the HR department that contains the Certreq.execommand
考题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
You need to design a PKI that meets business requirements. What should you do?()A、Move ATLCA1 offline and create an enterprise subordinate CA to issue certificatesB、Create a stand-alone subordinate CA to issue certificatesC、Use a qualified subordinate CAD、Configure certificate template access control lists (ACLs) on ATLCA1
考题
You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do()A、Add Group1 to the local Administrators group.B、Add Group1 to the Certificate Publishers group.C、Assign the Manage CA permission to Group1.D、Assign the Issue and Manage Certificates permission to Group1.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an Enterprise Root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server2 to issue certificate revocation lists (CRLs) for the enterprise root CA. Which two tasks should you perform()A、Import the enterprise root CA certificate.B、Import the OCSP Response Signing certificate.C、Add the Server1 computer account to the CertPublishers group.D、Set the Startup Type of the Certificate Propagation service to Automatic.
考题
Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) server role, you find that the Enterprise CA option is not available. You need to install the AD CS server role as an Enterprise CA. What should you do first()A、Add the DNS Server server role.B、Join the server to the domain.C、Add the Web Server (IIS) server role and the AD CS server roleD、Add the Active Directory Lightweight Directory Services (AD LDS) server role. .
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Revocation List Distribution Point extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
ou have a Windows Server 2008 Enterprise Root CA. Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA. You need to allow users to request certificates from a Web interface. You install the AD CS role. What should you do next()A、Configure the Online Responder Role Service on a member server.B、Configure the Online Responder Role Service on a domain controller.C、Configure the Certification Authority Web Enrollment Role Service on a member server.D、Configure the Certification Authority Web Enrollment Role Service on a domain controller.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Distribution Point (CDP) extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
You have an Active Directory domain that runs Windows Server 2008 R2. You need to implement a certification authority (CA) server that meets the following requirements: - Allows the certification authority to automatically issue certificates - Integrates with Active Directory Domain Services What should you do()A、Install and configure the Active Directory Certificate Services server role as a Standalone Root CA .B、Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA .C、Purchase a certificate from a third-party certification authority. Install and configure the Active Directory Certificate SD、Purchase a certificate from a third-party certification authority. Import the certificate into the computer store of the sc
考题
You need to design a security solution for the internally developed Web applications that meets business requirements. What should you do?()A、Install and configure a stand-alone root certification authorative (CA) that is trusted by all company client computers. Issue encryption certificates to all developersB、Install and configure root certification authority (CA) that is trusted by all company client computers. Issue code-signing certificates to all developersC、Purchase a root certification from a trusted commercial certification authority (CA). Install the root certificated on all developers’ computersD、Purchase a code-signing certificate from a trusted commercial certification authority (CA). Install the certificate on all company client computers
考题
You need to design a PKI for the Northwind Traders internal network. What should you do?()A、Add an enterprise root CA to the northwindtraders.com domain. Configure cross-certification between the northwindtraders.com domain and the boston.northwindtraders.com domainB、Add an enterprise subordinate issuing CA to the northwindtraders.com domain. Configure qualified subordination for the enterprise subordinate issuing CA in BostonC、Add enterprise subordinate issuing CAs to the New York, Boston, and Seattle LANs. Configure qualified subordinations for each enterprise subordinate issuing CAD、Add a stand-alone commercial issuing CA to only the northwindtraders.com domain. Configure cross-certification between the commercial CA and the boston.northwindtraders.com domain
考题
单选题Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) server role, you find that the Enterprise CA option is not available. You need to install the AD CS server role as an Enterprise CA. What should you do first()A
Add the DNS Server server role.B
Join the server to the domain.C
Add the Web Server (IIS) server role and the AD CS server role.D
Add the Active Directory Lightweight Directory Services (AD LDS) server role.
考题
单选题You need to design a PKI for the Northwind Traders internal network. What should you do?()A
Add an enterprise root CA to the northwindtraders.com domain. Configure cross-certification between the northwindtraders.com domain and the boston.northwindtraders.com domainB
Add an enterprise subordinate issuing CA to the northwindtraders.com domain. Configure qualified subordination for the enterprise subordinate issuing CA in BostonC
Add enterprise subordinate issuing CAs to the New York, Boston, and Seattle LANs. Configure qualified subordinations for each enterprise subordinate issuing CAD
Add a stand-alone commercial issuing CA to only the northwindtraders.com domain. Configure cross-certification between the commercial CA and the boston.northwindtraders.com domain
考题
单选题Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A
an account that is a member of the Certificate Publishers group in the child domainB
an account that is a member of the Certificate Publishers group in the forest root domainC
an account that is a member of the Schema Admins group in the forest root domainD
an account that is a member of the Enterprise Admins group in the forest root domain
考题
单选题You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A
Import the enterprise root CA certificate.B
Configure the Certificate Distribution Point (CDP) extension.C
Configure the Authority Information Access (AIA) extension.D
Add the Server2 computer account to the CertPublishers group.
考题
单选题You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A
Import the enterprise root CA certificate.B
Configure the Certificate Revocation List Distribution Point extension.C
Configure the Authority Information Access (AIA) extension.D
Add the Server2 computer account to the CertPublishers group.
考题
单选题Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) server role, you find that the Enterprise CA option is not available. You need to install the AD CS server role as an Enterprise CA. What should you do first()A
Add the DNS Server server role.B
Join the server to the domain.C
Add the Web Server (IIS) server role and the AD CS server roleD
Add the Active Directory Lightweight Directory Services (AD LDS) server role. .
考题
单选题Your company has an Active Directory forest. You plan to install an Enterprise certification authority (CA) on a dedicated stand-alone server. When you attempt to add the Active Directory Certificate Services (AD CS) role, you find that the Enterprise CA option is not available. You need to install the AD CS role as an Enterprise CA. What should you do first()A
Add the DNS Server role.B
Join the server to the domain.C
Add the Web server (IIS) role and the AD CS role.D
Add the Active Directory Lightweight Directory Service (AD LDS) role.
考题
单选题You need to design a PKI for Litware, Inc. What should you do?()A
Add one offline stand-alone root certificate authority(CA).Add two online enterprise subordinate CAsB
Add one online stand-alone root certification authority(CA).Add two online enterprise subordinate CAsC
Add one online enterprise root certification authority CA).Add one offline enterprise subordinate CAD
Add one online enterprise root certification authority(CA).Add two online enterprise subordinate CAs
考题
多选题You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an Enterprise Root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server2 to issue certificate revocation lists (CRLs) for the enterprise root CA. Which two tasks should you perform()AImport the enterprise root CA certificate.BImport the OCSP Response Signing certificate.CAdd the Server1 computer account to the CertPublishers group.DSet the Startup Type of the Certificate Propagation service to Automatic.
热门标签
最新试卷