Feedback
Home
You may like this!
66.
Which of the following CA types must be deployed on domain-joined computers?
  • A.
    Enterprise root
  • B.
    Enterprise subordinate
  • C.
    Standalone root
  • D.
    Standalone subordinate
  • Answer & Explanation
  • Report
Answer : [A , B]
Explanation :
  • A. Correct: Enterprise CAs must be deployed on domain-joined computers.
  • B. Correct: Enterprise CAs must be deployed on domain-joined computers.
  • C. Incorrect: Standalone CAs can be deployed on non-domain-joined computers.
  • D. Incorrect: Standalone CAs can be deployed on non-domain-joined computers.
Report
Name Email  
67.
In a passive scan, a wireless client uses which one of the following methods to discover nearby APs?
  • A.
    Read
  • B.
    Issue And Manage Certifcates
  • C.
    Manage CA
  • D.
    Request Certifcates
  • Answer & Explanation
  • Report
Answer : [B]
Explanation :
  • A. Incorrect: The Issue And Manage Certifcates permission allows a security principal to respond to certifcate requests.
  • B. Correct: The Issue And Manage Certifcates permission allows a security principal to respond to certifcate requests.
  • C. Incorrect: The Issue And Manage Certifcates permission allows a security principal to respond to certifcate requests.
  • D. Incorrect: The Issue And Manage Certifcates permission allows a security principal to respond to certifcate requests.
Report
Name Email  
68.
Which permission should you assign on a CA to a group of users that you want to allow to alter the list of recovery agents?
  • A.
    Read
  • B.
    Issue And Manage Certifcates
  • C.
    Manage CA
  • D.
    Request Certifcates.
  • Answer & Explanation
  • Report
Answer : [C]
Explanation :
  • A. Incorrect: The Manage CA permission allows users to alter the list of recovery agents.
  • B. Incorrect: The Manage CA permission allows users to alter the list of recovery agents.
  • C. Correct: The Manage CA permission allows users to alter the list of recovery agents.
  • D. Incorrect: The Manage CA permission allows users to alter the list of recovery agents.
Report
Name Email  
69.
You want to enable key archiving on a CA. You need to issue a certifcate from a specifc template to the user who will recover private keys. Which certifcate template will you use as the basis for this certifcate?
  • A.
    Kerberos authentication
  • B.
    Code signing
  • C.
    OCSP response signing
  • D.
    Key recovery agent
  • Answer & Explanation
  • Report
Answer : [D]
Explanation :
  • A. Incorrect: You need to issue a certifcate from the key recovery agent template to a user before you can enable key archiving on a CA.
  • B. Incorrect: You need to issue a certifcate from the key recovery agent template to a user before you can enable key archiving on a CA.
  • C. Incorrect: You need to issue a certifcate from the key recovery agent template to a user before you can enable key archiving on a CA.
  • D. Correct: You need to issue a certifcate from the key recovery agent template to a user before you can enable key archiving on a CA.
Report
Name Email  
70.
Which group policy item should you confgure to enable automatic reenrollment of certifcates?
  • A.
    Certifcate Path Validation Settings
  • B.
    Certifcate Services Client – Certifcate Enrollment Policy
  • C.
    Certifcate Services Client – Auto-Enrollment
  • D.
    Trusted Root Certifcation Authorities
  • Answer & Explanation
  • Report
Answer : [C]
Explanation :
  • A. Incorrect: This policy allows you to confgure which root CAs clients trust.
  • B. Incorrect: This policy allows you to modify the default certifcate enrollment policy.
  • C. Correct: You confgure automatic reenrollment by confguring the Certifcate Services Client – Auto-Enrollment policy.
  • D. Incorrect: This policy allows you to confgure trusted root CAs.
Report
Name Email  
 
  © 2024 infibee.com. All Rights Reserved.   Copyright | Privacy Policy | Sitemap  
Contact us on : info@infibee.com  
 
 
Share   Facebook   Twitter   Google +   Digg