Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admiC、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.D、Modify the security settings on the template to allow only administrators to request code signing certificates.
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform()
- A、Publish the code signing template.
- B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admi
- C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.
- D、Modify the security settings on the template to allow only administrators to request code signing certificates.
相关考题:
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA. The Enterprise certification authority is running Windows Server 2008 R2. You need to ensure users are able to enroll new certificates. What should you do()A、Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB、Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC、Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D、Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.
Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()A、Install and configure IIS on a member server.B、Configure a shared folder on a member server.C、Install and configure Microsoft SQL Server 2008 on a member server.D、Configure permissions for the shared folder on a member server.
Your company has an Active Directory domain. All servers run Windows Server 2008. You deploy a Certification Authority (CA) server. You create a new global security group named CertIssuers. You need to ensure that members of the CertIssuers group can issue, approve, and revoke certificates. What should you do()A、Assign the Certificate Manager role to the CertIssuers group.B、Place CertIssuers group in the Certificate Publisher groupC、Run the certsrv -add CertIssuers command promt of the certificate serverD、Run the add -member-membertype memberset CertIssuers command by using Microsoft WindowsPowershell
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an ENterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
Your company has an Active Directory forest that contains only Windows Server 2008 domain controllers. You need to prepare the Active Directory domain to install Windows Server 2008 R2 domain controllers. Which two tasks should you perform()A、Run the adprep /forestprep command.B、Run the adprep /domainprep command.C、Raise the forest functional level to Windows Server 2008.D、Raise the domain functional level to Windows Server 2008.
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two task should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.D、Modify the security settings on the template to allow only administrators to request code signing certificates.
Your company has a single Active Directory forest that has six domains.All DNS servers in the forest run Windows Server 2008 R2.You need to ensure that all public DNS queries are channeled through a single-caching-only DNS server.Which two actions should you perform?()A、Disable the root hints.B、Enable BIND secondaries.C、Configure a forwarder to the caching DNS server.D、Configure a GlobalNames host (A) record for the hostname of the caching DNS server.
Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA. What should you do?()A、 Assign the user account to the CA Admin role.B、 Add the user account to the local Administrators group.C、 Grant the user the Back up files and directories user right.D、 Grant the user the Manage auditing and security log user right.
Your company has an Active Directory forest that contains only Windows Server 2003 domain controllers. You need to prepare the Active Directory domain to install Windows Server 2008 domain controllers. Which two tasks should you perform()A、Run the adprep /forestprep command.B、Run the adprep /domainprep command.C、Raise the forest functional level to Windows Server 2008.D、Raise the domain functional level to Windows Server 2008.
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy obD、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008. You need to ensure that all public DNS quieries are channeled through a singlecahing- only DNS server. Which two actions should you perform?() A、Disable the root hintsB、Enable BIND secondariesC、Configure a forwarder to the caching DNS serverD、Configure a GlobalNames host (A) record for the hostname of the caching DNS server
Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. Your environment includes Microsoft Enterprise Desktop Virtualization (MED - V). You use M ED - V to support temporary test environments. You need to ensure that the disk space used by obsolete Workspaces is automatically minimized. Which two actions should you perform? ()A、Configure t he Workspace as revertible.B、Set an expiration date for the Workspace.C、Specify the number of image versions to keep.D、Configure automatic deletion of the Workspace.
Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()A、Install and configure IIS on a member server.B、Configure a shared folder on a member server.C、Install and configure Microsoft SQL Server 2008 on a member server.D、Configure permissions for the shared folder on a member server.
Your company has an Active Directory domain. All servers run Windows Server 2008. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.D、Modify the security settings on the template to allow only administrators to request code signing certificates.
Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. Your environment includes Microsoft Enterprise Desktop Virtualization (MED-V). You use MED-V to support temporary test environments. You need to ensure that the disk space used by obsolete Workspaces is automatically minimized. Which two actions should you perform?()A、Configure the Workspace as revertible.B、Set an expiration date for the Workspace.C、Specify the number of image versions to keep.D、Configure automatic deletion of the Workspace.
Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008.You need to ensure that all public DNS queries are channeled through a single-caching-only DNS server. Which two actions should you perform? (Each correct answer presents part of the solution.()A、Disable the root hints.B、Enable BIND secondaries.C、Configure a forwarder to the caching DNS server.D、Configure a GlobalNames host (A)record for the hostname of the caching DNS server.
Your company has 10 servers that run Windows Server 2008 R2. The servers have Remote Desktop Protocol (RDP) enabled for server administration. RDP is configured to use default security settings. All administrators' computers run Windows 7. You need to ensure the RDP connections are as secure as possible. Which two actions should you perform?()A、Set the security layer for each server to the RDP Security Layer.B、Configure the firewall on each server to block port 3389.C、Acquire user certificates from the internal certification authority.D、Configure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration SC、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate Services (AD CS) is configured as a standalone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()A、Configure auditing in the Certification Authority snap-in.B、 Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32%/CertSrv directory.C、Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.D、Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate Services (AD CS) server.
Your network contains an Active Directory domain. You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root certification authority (CA). You have a client computer named Computer1 that runs Windows 7. You enable automatic certificate enrollment for all client computers that run Windows 7. You need to verify that the Windows 7 client computers can automatically enroll for certificates. Which command should you run on Computer1()A、certreq.exe -retrieveB、certreq.exe -submitC、certutil.exe -getkeyD、certutil.exe -pulse
多选题Your company has an Active Directory forest that contains only Windows Server 2003 domain controllers. You need to prepare the Active Directory domain to install Windows Server 2008 domain controllers. Which two tasks should you perform()ARun the adprep /forestprep command.BRun the adprep /domainprep command.CRaise the forest functional level to Windows Server 2008.DRaise the domain functional level to Windows Server 2008.
单选题Your company has an Active Directory domain. All servers run Windows Server 2008. You deploy a Certification Authority (CA) server. You create a new global security group named CertIssuers. You need to ensure that members of the CertIssuers group can issue, approve, and revoke certificates. What should you do()AAssign the Certificate Manager role to the CertIssuers group.BPlace CertIssuers group in the Certificate Publisher groupCRun the certsrv -add CertIssuers command promt of the certificate serverDRun the add -member-membertype memberset CertIssuers command by using Microsoft WindowsPowershell
多选题Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate Services (AD CS) is configured as a standalone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()AConfigure auditing in the Certification Authority snap-in.BEnable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32%/CertSrv direCEnable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.DEnable the Audit object access setting in the Local Security Policy for the Active Directory Certificate Services
单选题Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA. What should you do?()A Assign the user account to the CA Admin role.B Add the user account to the local Administrators group.C Grant the user the Back up files and directories user right.D Grant the user the Manage auditing and security log user right.