网友您好, 请在下方输入框内输入要搜索的题目:
题目内容
(请给出正确答案)
You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do()
- A、Add Group1 to the local Administrators group.
- B、Add Group1 to the Certificate Publishers group.
- C、Assign the Manage CA permission to Group1.
- D、Assign the Issue and Manage Certificates permission to Group1.
参考答案
更多 “ You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do()A、Add Group1 to the local Administrators group.B、Add Group1 to the Certificate Publishers group.C、Assign the Manage CA permission to Group1.D、Assign the Issue and Manage Certificates permission to Group1.” 相关考题
考题
Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline root CA and an online issuing CA. The Enterprise certification authority is running Windows Server 2008 R2. You need to ensure users are able to enroll new certificates. What should you do()A、Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB、Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC、Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D、Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.
考题
You need to design a PKI for Litware, Inc. What should you do?()A、Add one offline stand-alone root certificate authority(CA).Add two online enterprise subordinate CAsB、Add one online stand-alone root certification authority(CA).Add two online enterprise subordinate CAsC、Add one online enterprise root certification authority CA).Add one offline enterprise subordinate CAD、Add one online enterprise root certification authority(CA).Add two online enterprise subordinate CAs
考题
Your company has an Active Directory domain. All servers run Windows Server 2008. You deploy a Certification Authority (CA) server. You create a new global security group named CertIssuers. You need to ensure that members of the CertIssuers group can issue, approve, and revoke certificates. What should you do()A、Assign the Certificate Manager role to the CertIssuers group.B、Place CertIssuers group in the Certificate Publisher groupC、Run the certsrv -add CertIssuers command promt of the certificate serverD、Run the add -member-membertype memberset CertIssuers command by using Microsoft WindowsPowershell
考题
Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A、an account that is a member of the Certificate Publishers group in the child domainB、an account that is a member of the Certificate Publishers group in the forest root domainC、an account that is a member of the Schema Admins group in the forest root domainD、an account that is a member of the Enterprise Admins group in the forest root domain
考题
You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company. You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group. What should you do?()A、 Add the Cert Administrators group to the Cert Publishers group in the domain.B、 Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow - Write permission.C、 Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow - Modify permission.D、 Assign the Certificate Managers role to the Cert Administrators group.
考题
You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do()A、Add Group1 to the local Administrators group.B、Add Group1 to the Certificate Publishers group.C、Assign the Manage CA permission to Group1.D、Assign the Issue and Manage Certificates permission to Group1.
考题
You have an Exchange Server 2010 organization. The organization contains a global security group named Group1. You plan to deploy a monitoring solution for the Exchange servers in your organization. You need to recommend a solution that allows members of Group1 to monitor the performance of Exchange Server 2010 servers. Your solution must prevent members of Group1 from modifying the configurations of the Exchanges Server 2010 organization. What should you include in the solution?()A、Delegation of Control WizardB、Federation TrustsC、Reliability MonitorD、Role Based Access Control (RBAC)
考题
You have an enterprise subordinate certification authority (CA). You have a custom certificate template that has a key length of 1,024 bits. The template is enabled for autoenrollment. You increase the template key length to 2,048 bits. You need to ensure that all current certificate holders automatically enroll for a certificate that uses the new template. Which console should you use()A、Active Directory Administrative CenterB、Certification AuthorityC、Certificate TemplatesD、Group Policy Management
考题
You have a computer that runs Windows XP Professional. The computer is joined to an Active Directory domain. The domain contains a global group named Group1. You share a folder named Folder1 on the computer. You modify the NTFS permissions on Folder1 to assign Full Control to Group1. Users from Group1 report that they are unable to add files to Folder1 from the network. You need to ensure that members of Group1 can add files to Folder1 from the network. What should you do?() A、Add Group1 to the Power Users group.B、Add Group1 to the HelpServicesGroup.C、Modify the share permissions on Folder1. D、Enable simple file sharing and modify the NTFS permissions on Folder1.
考题
You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your company’s corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A、Revoke the employee’s smart card certificate.B、Disable the employee’s Active Directory account.C、Publish a new delta certificate revocation list (CRL).D、Reset the password for the employee’s Active Directory account.
考题
You have a Windows Server 2008 R2 Enterprise Root certification authority (CA). You need to grant members of the Account Operators group the ability to only manage Basic EFS certificates. You grant the Account Operators group the Issue and Manage Certificates permission on the CA . Which three tasks should you perform next()A、Enable the Restrict Enrollment Agents option on the CA .B、Enable the Restrict Certificate Managers option on the CA .C、Add the Basic EFS certificate template for the Account Operators group.D、Grant the Account Operators group the Manage CA permission on the CA .E、Remove all unnecessary certificate templates that are assigned to the Account Operators group.
考题
You have an Exchange Server 2010 organization.The organization contains a distribution group named Group1.You need to ensure that a user named User1 can review and approve all messages sent to Group1.You must prevent User1 from modifying the membership of Group1. What should you do?()A、Add User1 to Group1 Managed by listB、Assign User1 as a group moderator for Group1.C、Assign the Message Tracking management role to User1.D、Add User1 to Group1 and then create a new journal rule.
考题
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()A、Import the enterprise root CA certificate.B、Configure the Certificate Revocation List Distribution Point extension.C、Configure the Authority Information Access (AIA) extension.D、Add the Server2 computer account to the CertPublishers group.
考题
our network contains a server that runs window server 2008. The serve has the network policy server(NPS) service role installed. You need to allow only members of a global group named group1 VPN access to the network. What should you do?()A、Add group1 to the RAS and IAS servers group.B、Add group1 to the network configuration operators group..C、Create a new network policy and define a group-based connection for group1. Set the access permission of the policy to access granted. Set the processing order of the policy to 1.D、Create a new network policy and define a group-based condition for group1. Set the access permission of the policy to acces granted. Set the processing of the policy to 3.
考题
You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your companys corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A、Revoke the employees smart card certificate.B、Disable the employees Active Directory account.C、Publish a new delta certificate revocation list (CRL).D、Reset the password for the employees Active Directory account.
考题
You have an Exchange Server 2010 organization.You have a group named Group1 that contains 10,000 members.You need to ensure that an informative message is displayed when users add Group1 to the recipient list of an e-mail message. What should you do?()A、Configure a MailTip.B、Create a transport rule.C、Create a Send connector.D、Configure an expansion server.
考题
You have a server that runs Windows Server 2008. The server has the Web Server (IIS) server role installed. The server contains a Web site that is configured to use only Windows Authentication. You have a security group named Group1 that contains several user accounts. You need to prevent the members of Group1 from accessing a Web site. You must not prevent other users from accessing the Web site. Which Web site feature should you configure?()A、AuthenticationB、Authorization RulesC、IIS Manager PermissionsD、SSL Settings
考题
You are the network administrator for your company. The network contains a single Active Directory domain. All computers on the network are members of the domain. All domain controllers run Windows Server 2003. You are planning a public key infrastructure (PKI). The PKI design documents for your company specify that certificates that users request to encrypt files must have a validity period of two years. The validity period of a Basic EFS certificate is one year. In the Certificates Templates console, you attempt to change the validity period for the Basic EFS certificate template. However, the console does not allow you to change the value. You need to ensure that you can change the value of the validity period of the certificate that users request to encrypt files. What should you do? ()A、 Install an enterprise certification authority (CA) in each domain.B、 Assign the Domain Admins group the Allow - Full Control permission for the Basic EFS certificate template.C、 Create a duplicate of the Basic EFS certificate template. Enable the new template for issuing certificate authorities.D、 Instruct users to connect to the certification authority (CA) Web enrollment pages to request a Basic EFS certificate.
考题
单选题Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an enterprise CA is disabled. You need to install an enterprise subordinate CA on the server. What should you use to log on to the new server()A
an account that is a member of the Certificate Publishers group in the child domainB
an account that is a member of the Certificate Publishers group in the forest root domainC
an account that is a member of the Schema Admins group in the forest root domainD
an account that is a member of the Enterprise Admins group in the forest root domain
考题
单选题You have an enterprise subordinate certification authority (CA). You have a custom certificate template that has a key length of 1,024 bits. The template is enabled for autoenrollment. You increase the template key length to 2,048 bits. You need to ensure that all current certificate holders automatically enroll for a certificate that uses the new template. Which console should you use()A
Active Directory Administrative CenterB
Certification AuthorityC
Certificate TemplatesD
Group Policy Management
考题
单选题You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your company’s corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A
Revoke the employee’s smart card certificate.B
Disable the employee’s Active Directory account.C
Publish a new delta certificate revocation list (CRL).D
Reset the password for the employee’s Active Directory account.
考题
单选题You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates. Users are required to log on to the domain by using a smart card. Your companys corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked. An employee resigns. You need to immediately prevent the employee from logging on to the domain. What should you do()A
Revoke the employees smart card certificate.B
Disable the employees Active Directory account.C
Publish a new delta certificate revocation list (CRL).D
Reset the password for the employees Active Directory account.
热门标签
最新试卷