You may like this!
71.
You need to ensure that clients will check at least every 30 minutes as to whether a certifcate has been revoked. Which of the following should you confgure to accomplish this goal?
  • A.
    Key recovery agent
  • B.
    CRL publication interval
  • C.
    Delta CRL publication interval
  • D.
    Certifcate templates.
  • Answer & Explanation
  • Report
Answer : [C]
Explanation :
  • A. Incorrect: You can’t confgure revocation check frequency using key recovery agents.
  • B. Incorrect: The minimum period for automatic CRL publication is daily. More frequent publication requires the use of delta CRLs.
  • C. Correct: A delta CRL can be published as frequently as every 30 minutes, meaning clients will check at least this often to determine if a certifcate has been revoked.
  • D. Incorrect: You can’t confgure revocation check frequency using certifcate templates.
Report
Name Email  
72.
Which of the following revocation statuses can you change to alter the status of a certifcate from revoked to valid?
  • A.
    Certifcate Hold
  • B.
    CA Compromise
  • C.
    Key Compromise
  • D.
    Change Of Affliation
  • Answer & Explanation
  • Report
Answer : [A]
Explanation :
  • A. Correct: You can remove a Certifcate Hold status, which means that the certifcate will be recognized as valid.
  • B. Incorrect: This status cannot be modifed once set.
  • C. Incorrect: This status cannot be modifed once set.
  • D. Incorrect: This status cannot be modifed once set.
Report
Name Email  
73.
Which security groups must a user account be a member of to modify the AD RMS SCP? (Choose two answers. Each answer forms part of a complete solution.)
  • A.
    Domain Admins
  • B.
    AD RMS Enterprise Administrators
  • C.
    Enterprise Admins
  • D.
    Cryptographic Operators.
  • Answer & Explanation
  • Report
Answer : [B and C]
Explanation :
  • A. Incorrect:. The user account used to modify the SCP must be a member of the AD RMS Enterprise Administrators group and the Enterprise Admins group.
  • B. Correct: The user account used to modify the SCP must be a member of the AD RMS Enterprise Administrators group and the Enterprise Admins group.
  • C. Correct: The user account used to modify the SCP must be a member of the AD RMS Enterprise Administrators group and the Enterprise Admins group.
  • D. Incorrect: The user account used to modify the SCP must be a member of the AD RMS Enterprise Administrators group and the Enterprise Admins group.
Report
Name Email  
74.
Which of the following would you confgure if you wanted to block computers running Windows 7 and earlier operating systems from consuming AD RMS-protected content?
  • A.
    Trusted publishing domain
  • B.
    Trusted user domain
  • C.
    Exclusion policies
  • D.
    Super Users
  • Answer & Explanation
  • Report
Answer : [C]
Explanation :
  • A. Incorrect: You confgure an exclusion policy based on the lockbox to block AD RMS clients running particular operating systems.
  • B. Incorrect: You confgure an exclusion policy based on the lockbox to block AD RMS clients running particular operating systems.
  • C. Correct: You confgure an exclusion policy based on the lockbox to block AD RMS clients running particular operating systems (such as Windows 7).
  • D. Incorrect: You confgure an exclusion policy based on the lockbox to block AD RMS clients running particular operating systems.
Report
Name Email  
75.
Which of the following must you back up or have a copy of to be able to ensure that you can restore an AD RMS cluster in the event that a single server hosting all AD RMS components suffers complete data loss? (Choose three answers.)
  • A.
    Cluster key password
  • B.
    Trusted publishing domain
  • C.
    Trusted user domain
  • D.
    AD RMS databases
  • Answer & Explanation
  • Report
Answer : [A, B and D]
Explanation :
  • A. Correct: You need to have access to the cluster key password, the backed up trusted publishing domain, and the AD RMS databases to restore an AD RMS cluster in the event that a single server hosting all AD RMS components suffers complete data loss.
  • B. Correct: You need to have access to the cluster key password, the backed up trusted publishing domain, and the AD RMS databases to restore an AD RMS cluster in the event that a single server hosting all AD RMS components suffers complete data loss.
  • C. Incorrect: You need to have access to the cluster key password, the backed up trusted publishing domain, and the AD RMS databases to restore an AD RMS cluster in the event that a single server hosting all AD RMS components suffers complete data loss.
  • D. Correct: You need to have access to the cluster key password, the backed up trusted publishing domain, and the AD RMS databases to restore an AD RMS cluster in the event that a single server hosting all AD RMS components suffers complete data loss.
Report
Name Email