网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()
- A、Run syskey.exe and use the Update option. T.he safer ,easier way to help you pass any IT exams. 4 / 90
- B、Run sigverif.exe and use the Advanced option.
- C、Run certutil.exe and specify the -verify parameter.
- D、Run certreq.exe and specify the -retrieve parameter.
参考答案
更多 “Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()A、Run syskey.exe and use the Update option. T.he safer ,easier way to help you pass any IT exams. 4 / 90B、Run sigverif.exe and use the Advanced option. C、Run certutil.exe and specify the -verify parameter. D、Run certreq.exe and specify the -retrieve parameter.” 相关考题
考题
Your network contains an Active Directory forest. The functional level of the forest is Windows Server 2008 R2.You plan to deploy DirectAccess.You need to configure the DNS servers on your network to support DirectAccess.What should you do?()A. Modify the GlobalQueryBlockList registry key and restart the DNS Server service.B. Modify the EnableGlobalNamesSupport registry key and restart the DNS Server service.C. Create a trust anchor that uses a certificate issued by an internal certification authority (CA).D. Create a trust anchor that uses a certificate issued by a publicly trusted certification authority (CA).
考题
You have an Exchange organization.All servers in the organization have Exchange Server 2010 Service Pack 1 (SP1) installed.The network contains an internal root certification authority (CA).Users on the network use Outlook Anywhere.A Client Access server uses a wildcard certificate issued by a trusted third-party root CA.You need to ensure that users can send and receive encrypted e-mail messages by using S/MIME. What should you do?()A、Instruct all users to import the third-party root CA certificate.B、Import the internal root CA certificate to the Client Access server.C、Instruct all users to import the internal root CA certificate.D、Issue a certificate to each user from the internal root CA
考题
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA. The Enterprise certification authority is running Windows Server 2008 R2. You need to ensure users are able to enroll new certificates. What should you do()A、Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB、Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC、Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D、Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.
考题
You need to design a PKI for Litware, Inc. What should you do?()A、Add one offline stand-alone root certificate authority(CA).Add two online enterprise subordinate CAsB、Add one online stand-alone root certification authority(CA).Add two online enterprise subordinate CAsC、Add one online enterprise root certification authority CA).Add one offline enterprise subordinate CAD、Add one online enterprise root certification authority(CA).Add two online enterprise subordinate CAs
考题
You have an enterprise root certification authority (CA) that runs Windows Server 2008 R2. You need to ensure that you can recover the private key of a certificate issued to a Web server. What should you do()A、From the ca, run the Get-PfxCertificate cmdlet.B、From the Web server, run the Get-PfxCertificate cmdlet.C、From the ca, run the certutil.exe tool and specify the -exportpfx parameter.D、From the Web server, run the certutil.exe tool and specify the -exportpfx parameter.
考题
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A、an account that is a member of the Certificate Publishers group in the child domainB、an account that is a member of the Certificate Publishers group in the forest root domainC、an account that is a member of the Schema Admins group in the forest root domainD、an account that is a member of the Enterprise Admins group in the forest root domain
考题
Your network contains a Network Policy and Access Services server named Server1. All certificates in theorganization are issued by an enterprise certification authority (CA) named Server2. You have a standalonecomputer named Computer1 that runs Windows 7. Computer1 has a VPN connection that connects toServer1 by using SSTP. You attempt to establish the VPN connection to Server1 and receive the followingerror message: A certificate chain processed, but terminated in a root certificate which is not trusted by thetrust provider. You need to ensure that you can successfully establish the VPN connection to Server1. What should you do on Computer1?()A、Import the root certificate to the user s Trusted Publishers store.B、Import the root certificate to the computer s Trusted Root Certification Authorities store.C、Import the server certificate of Server1 to the user s Trusted Root Certification Authorities store.D、Import the server certificate of Server1 to the computer s Trusted Root Certification Authorities store.
考题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
You have an enterprise subordinate certification authority (CA). The CA is configured to use a hardware security module. You need to back up Active Directory Certificate Services on the CA. Which command should you run()A、certutil.exe backupB、certutil.exe backupdbC、certutil.exe backupkeyD、certutil.exe store
考题
Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have a server named Server1. Server1 is configured as an enterprise root certification authority (CA). You perform a complete backup of Server1 that includes the system state. Server1 fails. You install a new server named Server1. You need to recover the enterprise root CA. What should you do? ()A、Restore the system state backup.B、Restore the %systemroot%/system32/certsrv folder.C、From the Certificates snap-in, import the enterprise root CA certificate.D、From the Certificates snap-in, import the enterprise root CA certificate revocation list (CRL).
考题
Your network contains a server that runs Windows Server 2008 R2. The server is configured as an enterprise root certification authority (CA). You have a Web site that uses x.509 certificates for authentication. The Web site is configured to use a many-to-one mapping. You revoke a certificate issued to an external partner. You need to prevent the external partner from accessing the Web site. What should you do()A、Run certutil.exe -crl.B、Run certutil.exe -delkey.C、From Active Directory Users and Computers, modify the membership of the IIS_IUSRS group.D、From Active Directory Users and Computers, modify the Contact object for the external partner.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Revocation List Distribution Point extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Distribution Point (CDP) extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
You have an Exchange Server 2010 organization.Users on the network use HTTPS to connect to Outlook Web App (OWA).The Client Access server uses a certificate issued by an internal certification authority (CA).You plan to deploy an e-mail encryption solution for all users. You need to ensure that users can send and receive encrypted e-mail messages by using S/MIME from OWA.What should you do?()A、Issue a certificate to each userB、Instruct all OWA users to import a root CA certificateC、Modify the authentication settings of the OWA virtual directoryD、Configure the Client Access Server to use a certificate issued by a third-party CA
考题
Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()A、Run syskey.exe and use the Update option.B、Run sigverif.exe and use the Advanced option.C、Run certutil.exe and specify the -verify parameter.D、Run certreq.exe and specify the -retrieve parameter.
考题
our network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow sers from The safer , easier way to help you pass any IT exams. 3 / 90 both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()A、From the Default Domain Controllers Policy, modify the Enterprise Trust settings.B、From the Default Domain Controllers Policy, modify the Trusted Publishers settings.C、From the Default Domain Policy, modify the Certificate Enrollment policy.D、From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
考题
An organization has Exchange server 2010.Network contains internal root Certification Authorization (CA).Users on network use Outlook Anywhere.A CAS server uses a wildcard certificate issued by a trusted third party root CA.You need to ensure that users can send and receive encrypted e-mail messages by using S/MIME.What should you do?()A、Instruct all users to import the 3d-party root CA certificationB、Configure CAS server to use a certificate issued by a third-party CAC、Instruct all users to import an internal root CA certificateD、Deploy Outlook Web Access with the S/MIME control to the client system
考题
You have an Active Directory domain that runs Windows Server 2008 R2. You need to implement a certification authority (CA) server that meets the following requirements: - Allows the certification authority to automatically issue certificates - Integrates with Active Directory Domain Services What should you do()A、Install and configure the Active Directory Certificate Services server role as a Standalone Root CA .B、Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA .C、Purchase a certificate from a third-party certification authority. Install and configure the Active Directory Certificate SD、Purchase a certificate from a third-party certification authority. Import the certificate into the computer store of the sc
考题
You are the network administrator for your company. The network contains a single Active Directory domain. All computers on the network are members of the domain. All domain controllers run Windows Server 2003. You are planning a public key infrastructure (PKI). The PKI design documents for your company specify that certificates that users request to encrypt files must have a validity period of two years. The validity period of a Basic EFS certificate is one year. In the Certificates Templates console, you attempt to change the validity period for the Basic EFS certificate template. However, the console does not allow you to change the value. You need to ensure that you can change the value of the validity period of the certificate that users request to encrypt files. What should you do? ()A、 Install an enterprise certification authority (CA) in each domain.B、 Assign the Domain Admins group the Allow - Full Control permission for the Basic EFS certificate template.C、 Create a duplicate of the Basic EFS certificate template. Enable the new template for issuing certificate authorities.D、 Instruct users to connect to the certification authority (CA) Web enrollment pages to request a Basic EFS certificate.
考题
单选题Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A
an account that is a member of the Certificate Publishers group in the child domainB
an account that is a member of the Certificate Publishers group in the forest root domainC
an account that is a member of the Schema Admins group in the forest root domainD
an account that is a member of the Enterprise Admins group in the forest root domain
考题
单选题Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()A
Run syskey.exe and use the Update option. T.he safer ,easier way to help you pass any IT exams. 4 / 90B
Run sigverif.exe and use the Advanced option. C
Run certutil.exe and specify the -verify parameter. D
Run certreq.exe and specify the -retrieve parameter.
考题
单选题Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()A
Run syskey.exe and use the Update option.B
Run sigverif.exe and use the Advanced option.C
Run certutil.exe and specify the -verify parameter.D
Run certreq.exe and specify the -retrieve parameter.
热门标签
最新试卷