|
Objective 6.1
Configure Active Directory Directory Service for Certificate Publication
19-5
Objective 6.1 Questions
1.
Which of the following conditions must a user on a Windows Server 2003
network
meet to obtain an IPSec certificate from an enterprise CA? (Choose all that
apply.)
A. The user must have an account in Active Directory.
B. The user must have access to the Certification Authority console.
C. The user must have the Enroll permission for the IPSec certificate
template.
D. An administrator must manually process the user’s certificate enrollment
request.
2.
You are a user on a network running Windows Server 2003 Active Directory
with an
enterprise CA, and you need a certificate to encrypt your data files using
Encrypting File
System (EFS). Which of the following procedures can you use to obtain the
certificate?
A. Open the Certificates snap-in in Microsoft Management Console and request
a cer-
tificate from the CA.
B. Display the Command Prompt window and use the Certutil.exe program to
request a certificate from the CA.
C. Open the Certificate Templates snap-in in Microsoft Management Console,
select
the Basic EFS template, and request a certificate.
D. Open Microsoft Internet Explorer, connect to the Certificate Services Web
Enroll-
ment Support page on the CA, and generate a certificate request.
3.
You are a network administrator for a company with an Active Directory
network using
servers running Windows Server 2003. The network’s PKI consists of multiple
enter-
prise CAs in various offices throughout the enterprise. After checking the
security logs
on the CAs at the branch offices, you discover that an unauthorized user
gained access
to the Administrator account and has compromised one of the CAs. As a
result, you
must make sure that no certificates issued by that CA are ever used again.
Which of the
following tools can you use to revoke the certificates issued by the CA?
(Choose all that
apply.)
A. The Certificate Templates snap-in
B. The Certificates snap-in
C. Certutil.exe
D. The Certification Authority console
|
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)
.png)