网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
单选题
Certkiller.com runs Window Server 2008 on all of its servers. It has a single Active Directory domain and it uses Enterprise Certificate Authority. The security policy at Certkiller .com makes it necessary to examine revoked certificate information. You need to make sure that the revoked certificate information is available at all times. What should you do to achieve that()
A
Add and configure a new GPO (Group Policy Object) that enables users to accept peer certificates and link the GPO to the domain.
B
Configure and use a GPO to publish a list of trusted certificate authorities to the domain
C
Configure and publish an OCSP (Online certificate status protocol) responder through ISAS (Internet Security and Acceleration Server) array.
D
Use network load balancing and publish an OCSP responder.
E
None of the above
参考答案
参考解析
解析:
暂无解析
更多 “单选题Certkiller.com runs Window Server 2008 on all of its servers. It has a single Active Directory domain and it uses Enterprise Certificate Authority. The security policy at Certkiller .com makes it necessary to examine revoked certificate information. You need to make sure that the revoked certificate information is available at all times. What should you do to achieve that()A Add and configure a new GPO (Group Policy Object) that enables users to accept peer certificates and link the GPO to the domain.B Configure and use a GPO to publish a list of trusted certificate authorities to the domainC Configure and publish an OCSP (Online certificate status protocol) responder through ISAS (Internet Security and Acceleration Server) array.D Use network load balancing and publish an OCSP responder.E None of the above” 相关考题
考题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Serever 2008 Standart. You need to install an enterprise subordinate certification authority (CA) that support private key archival. You must achieve this goal by using the minimum amount of administrative effort. What do you do first()A、Initialize the Trusted Platform Module (TPM)B、Upgrade the menber server to Windows Server 2008 R2 Standard.C、Install the Certificate Enrollment Policy Web Service role service on the member server.D、Run the Security Configuration Wizard (SCW) and select the Active Directory Certificate Services - Certification
考题
our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option. B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority. C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key. D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
考题
Your company has an Active Directory domain. AlI servers run Windows Server 2008. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
Certkiller.com runs Window Server 2008 on all of its servers. It has a single Active Directory domain and it uses Enterprise Certificate Authority. The security policy at Certkiller .com makes it necessary to examine revoked certificate information. You need to make sure that the revoked certificate information is available at all times. What should you do to achieve that()A、Add and configure a new GPO (Group Policy Object) that enables users to accept peer certificates and link the GPO to the domain.B、Configure and use a GPO to publish a list of trusted certificate authorities to the domainC、Configure and publish an OCSP (Online certificate status protocol) responder through ISAS (Internet Security and Acceleration Server) array.D、Use network load balancing and publish an OCSP responder.E、None of the above
考题
Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an ENterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
Your network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow users from both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()A、From the Default Domain Controllers Policy, modify the Enterprise Trust settings.B、From the Default Domain Controllers Policy, modify the Trusted Publishers settings.C、From the Default Domain Policy, modify the Certificate Enrollment policy.D、From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
考题
Certkiller .com has a domain controller that runs Windows Server 2008. The Certkiller .com network boosts 40 Windows Vista client machines. As an administrator at Certkiller .com, you want to deploy Active Directory Certificate service (AD CS) to authorize the network users by issuing digital certificates. What should you do to manage certificate settings on all machines in a domain from one main location()A、Configure Enterprise CA certificate settingsB、Configure Enterprise trust certificate settingsC、Configure Advance CA certificate settingsD、Configure Group Policy certificate settingsE、All of the above
考题
Your network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed. External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: There is a problem with this Web sites security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority. You find that users onthe corporate network do not receive this error. You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A、In IIS Manager, enable the Enable client certificate mapping option.B、In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority.C、In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key.D、In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data (always).
考题
Your company, A. Datum Corporation, has a single Active Directory domain named intranet.adatum.com. The domain has two domain controllers that run Windows Server 2008 R2 operating system. The domain controllers also run DNS servers. The intranet.adatum.com DNS zone is configured as an Active Directory-integrated zone with the Dynamic updates setting configured to Secure only. A new corporate security policy requires that the intranet.adatum.com DNS zone must be updated only by domain controllers or member servers. You need to configure the intranet.adatum.com zone to meet the new security policy requirement. Which two actions should you perform()A、Remove the Authenticated Users account from the Security tab of the intranet.adatum.com DNS zone properties.B、Assign the SELF Account Deny on Write permission on the Security tab of the intranet.adatum.com DNS zone propC、Assign the server computer accounts the Allow on Write All Properties permission on the Security tab of the intraneD、Assign the server computer accounts the Allow on Create All Child Objects permission on the Security tab of the int
考题
our network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow sers from The safer , easier way to help you pass any IT exams. 3 / 90 both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()A、From the Default Domain Controllers Policy, modify the Enterprise Trust settings.B、From the Default Domain Controllers Policy, modify the Trusted Publishers settings.C、From the Default Domain Policy, modify the Certificate Enrollment policy.D、From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
考题
You have an Active Directory domain that runs Windows Server 2008 R2. You need to implement a certification authority (CA) server that meets the following requirements: - Allows the certification authority to automatically issue certificates - Integrates with Active Directory Domain Services What should you do()A、Install and configure the Active Directory Certificate Services server role as a Standalone Root CA .B、Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA .C、Purchase a certificate from a third-party certification authority. Install and configure the Active Directory Certificate SD、Purchase a certificate from a third-party certification authority. Import the certificate into the computer store of the sc
考题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration SC、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
单选题Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Serever 2008 Standart. You need to install an enterprise subordinate certification authority (CA) that support private key archival. You must achieve this goal by using the minimum amount of administrative effort. What do you do first()A
Initialize the Trusted Platform Module (TPM)B
Upgrade the menber server to Windows Server 2008 R2 Standard.C
Install the Certificate Enrollment Policy Web Service role service on the member server.D
Run the Security Configuration Wizard (SCW) and select the Active Directory Certificate Services - Certification
考题
单选题Certkiller .com has a network that is comprise of a single Active Directory Domain. As an administrator at Certkiller .com, you install Active Directory Lightweight Directory Services (AD LDS) on a server that runs Windows Server 2008. To enable Secure Sockets Layer (SSL) based connections to the AD LDS server, you install certificates from a trusted Certification Authority (CA) on the AD LDS server and client computers. Which tool should you use to test the certificate with AD LDS()A
Ldp.exeB
Active Directory Domain servicesC
ntdsutil.exeD
Lds.exeE
wsamain.exeF
None of the above
考题
单选题our network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow sers from The safer , easier way to help you pass any IT exams. 3 / 90 both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()A
From the Default Domain Controllers Policy, modify the Enterprise Trust settings.B
From the Default Domain Controllers Policy, modify the Trusted Publishers settings.C
From the Default Domain Policy, modify the Certificate Enrollment policy.D
From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
考题
单选题You are the network administrator for Contoso Pharmaceuticals. The network consists of a single Active Directory forest. The forest contains Windows Server 2003 servers and Windows XP Professional computers. The forest consists of a forest root domain named contoso.com and two child domains named child1.contoso.com and child2.contoso.com. The child1.contoso.com domain contains a member server named Server1. You configure Server1 to be an enterprise certification authority (CA), and you configure a user certificate template. You enable the Publish certificate in Active Directory setting in the certificate template. You instruct users in both the child1.contoso.com and the child2.contoso.com domains to enroll for user certificates. You discover that the certificates for user accounts in the child1.contoso.com domain are being published to Active Directory, but the certificates for user accounts in the child2.contoso.com domain are not. You want certificates issued by Server1 to child2.contoso.com domain user accounts to be published in Active Directory. What should you do? ()A
Configure user certificate autoenrollment for all domain user accounts in the contoso.com domain.B
Configure user certificate autoenrollment for all domain user accounts in the child2.contoso.com domain.C
Add Server1 to the Cert Publishers group in the contoso.com domain.D
Add Server1 to the Cert Publishers group in the child2.contoso.com domain.
考题
单选题Your network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow users from both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()A
From the Default Domain Controllers Policy, modify the Enterprise Trust settings.B
From the Default Domain Controllers Policy, modify the Trusted Publishers settings.C
From the Default Domain Policy, modify the Certificate Enrollment policy.D
From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
考题
单选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A
Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B
Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C
Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D
Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
单选题Your company has an Active Directory domain. AlI servers run Windows Server 2008. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A
Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B
Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.C
Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D
Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
单选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do()A
Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B
Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration SC
Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D
Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
考题
单选题our network contains a Web server named Server1 that runs Windows Server 2003 and Internet Information Server (IIS). Server1 has a server certificate from an Enterprise Certificate Authority (CA) installed.External users report that when they try to access the Web site from outside the corporate network by using a Web browser, they receive the following warning message: “There is a problem with this Web site’s security certificate. The security certificate presented by this Web site was not issued by a trusted certificate authority.” You find that users on the corporate network do not receive this error.You need to ensure that external users do not receive the warning message when connecting to Server1. What should you do?()A
In IIS Manager, enable the Enable client certificate mapping option. B
In IIS Manager, replace the certificate with a certificate obtained from a public Certification Authority. C
In Local Security Policy, enable Domain Member: Require strong (Windows 2000 or later) session key. D
In Local Security Policy, enable Domain Member: Digitally encrypt or sign secure channel data
考题
单选题Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an ENterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A
Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B
Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C
Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group object.D
Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
单选题You have an Active Directory domain that runs Windows Server 2008 R2. You need to implement a certification authority (CA) server that meets the following requirements: - Allows the certification authority to automatically issue certificates - Integrates with Active Directory Domain Services What should you do()A
Install and configure the Active Directory Certificate Services server role as a Standalone Root CA .B
Install and configure the Active Directory Certificate Services server role as an Enterprise Root CA .C
Purchase a certificate from a third-party certification authority. Install and configure the Active Directory Certificate SD
Purchase a certificate from a third-party certification authority. Import the certificate into the computer store of the sc
考题
单选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise Intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A
Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B
Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.C
Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy object.D
Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.
考题
单选题Certkiller .com has a domain controller that runs Windows Server 2008. The Certkiller .com network boosts 40 Windows Vista client machines. As an administrator at Certkiller .com, you want to deploy Active Directory Certificate service (AD CS) to authorize the network users by issuing digital certificates. What should you do to manage certificate settings on all machines in a domain from one main location()A
Configure Enterprise CA certificate settingsB
Configure Enterprise trust certificate settingsC
Configure Advance CA certificate settingsD
Configure Group Policy certificate settingsE
All of the above
热门标签
最新试卷