单选题ou have a Windows Server 2008 Enterprise Root CA. Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA. You need to allow users to request certificates from a Web interface. You install the AD CS r

题目
单选题
ou have a Windows Server 2008 Enterprise Root CA. Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA. You need to allow users to request certificates from a Web interface. You install the AD CS role. What should you do next()
A

Configure the Online Responder Role Service on a member server.

B

Configure the Online Responder Role Service on a domain controller.

C

Configure the Certification Authority Web Enrollment Role Service on a member server.

D

Configure the Certification Authority Web Enrollment Role Service on a domain controller.

相似考题

1.You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()A、 From Windows Firewall, add an exceptionB、 From windows Firewall enable the block all incoming connections optionC、 From the Windows Firewall with Advanced Security snap-in, create an inbound ruleD、 From the Windows Firewall with Advanced Security snap-in, create an outbound rule.

2. Your network consists of a single Active Directory domain. All servers run Windows Server 2003 Service Pack 2 (SP2). You have a server named Server1. Server1 is configured as an enterprise root certification authority (CA). You perform a complete backup of Server1 that includes the system state. Server1 fails. You install a new server named Server1. You need to recover the enterprise root CA. What should you do? ()A、Restore the system state backup.B、Restore the %systemroot%/system32/certsrv folder.C、From the Certificates snap-in, import the enterprise root CA certificate.D、From the Certificates snap-in, import the enterprise root CA certificate revocation list (CRL).

3. Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company runs an Enterprise Root certification authority (CA).   You need to ensure that only administrators can sign code. Which two task should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and  allow only administrators to apply the policy.C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted  Publishers.D、Modify the security settings on the template to allow only administrators to request code signing  certificates.

4. Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA.  The Enterprise Intermediate CA certificate expires.    You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA  server.C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers  group policy object.D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy  object.

更多“ou have a Windows Server 2008 Enterprise Root CA. Security p”相关问题

  • 第1题:

    You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2.   Server1 is configured as an enterprise root certification authority (CA).    You install the Online Responder role service on Server2.    You need to configure Server1 to support the Online Responder. What should you do()

    • A、Import the enterprise root CA certificate.
    • B、Configure the Certificate Revocation List Distribution Point extension.
    • C、Configure the Authority Information Access (AIA) extension.
    • D、Add the Server2 computer account to the CertPublishers group.

    正确答案:C

  • 第2题:

    You need to recommend a Windows Server 2008 R2 server configuration that meets the following  requirements:   èSupports the installation of Microsoft SQL Server 2008   èProvides redundancy for SQL services if a single server fails What should you recommend?() 

    • A、Install a Server Core installation of Windows Server 2008 R2 Enterprise on two servers. Configure the servers in a failover cluster.
    • B、Install a full installation of Windows Server 2008 R2 Standard on two servers. Configure Network Load Balancing on the two servers.
    • C、Install a full installation of Windows Server 2008 R2 Enterprise on two servers. Configure Network Load Balancing on the two servers.
    • D、Install a full installation of Windows Server 2008 R2 Enterprise on two servers. Configure the servers in a failover cluster.

    正确答案:D

  • 第3题:

    Your network contains an Active Directory forest. All domain controllers run Windows Server  2008 Standard. The functional level of the domain is Windows Server 2003. You have a  certification authority (CA).   The relevant servers in the domain are configured as shown in the following table:     Server name  Operating system  Server role   Server1  Windows Server 2003  Enterprise root CA  Server2  Windows Server 2008  Enterprise subordinate CA  Server3  Windows Server 2008 R2  Web Server   You need to ensure that you can install the Active Directory Certificate Services (AD CS)  Certificate Enrollment Web Service on the network.     What should you do()

    • A、Upgrade Server1 to Windows Server 2008 R2.
    • B、Upgrade Server2 to Windows Server 2008 R2.
    • C、Raise the functional level of the domain to Windows Server 2008.
    • D、Install the Windows Server 2008 R2 Active Directory Schema updates.

    正确答案:D

  • 第4题:

    单选题
    Your company has an Active Directory domain. You have a two-tier PKI infrastructure that  contains an offline root CA and an online issuing CA. The Enterprise certification authority is  running Windows Server 2008 R2.   You need to ensure users are able to enroll new certificates.     What should you do()
    A

    Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing C

    B

    Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in th

    C

    Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.

    D

    Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.


    正确答案: B
    解析: 暂无解析

  • 第5题:

    单选题
    You plan to deploy a fault-tolerant virtual infrastructure based on Hyper-V. The virtual infrastructure will include a two-node Hyper-V host cluster that will contain eight virtual machines (VMs). All of the VMs will run Windows Server 2008 R2 Standard. If one of the nodes fails, the VMs must continue to run on the other node. You need to identify the minimum number and the type of licenses required for the planned deployment. What should you identify?()
    A

    two Windows Server 2008 R2 Enterprise licenses and eight Windows Server 2008 R2 Standard licenses

    B

    two Windows Server 2008 R2 Enterprise licenses and four Windows Server 2008 R2 Standard licenses

    C

    four Windows Server 2008 R2 Enterprise licenses

    D

    eight Windows Server 2008 R2 Standard licenses


    正确答案: D
    解析: 暂无解析

  • 第6题:

    单选题
    You plan to deploy three Hyper-V servers named Server1 Server2, and Server3. Server1 will host three virtual machines (VMs), Server2 will host two VMs, and Server3 will host five VMs. All of the VMs will run Windows Server 2008 R2 Standard. You need to identify the minimum number and the type of licenses required for the planned deployment. The solution must minimize software costs. What should you identify?()
    A

    Three Windows Server 2008 R2 Enterprise licenses and one Windows Server 2008 R2 Standard license

    B

    Three Windows Server 2008 R2 Enterprise licenses

    C

    Three Windows Server 2008 R2 Standard licenses

    D

    Three Windows Server 2008 R2 Enterprise licenses and 10 Windows Server 2008 R2 Standard licenses


    正确答案: D
    解析: 暂无解析

  • 第7题:

    单选题
    You have a Windows Server 2008 R2 Enterprise Root CA . Security policy prevents port 443 and  port 80 from being opened on domain controllers and on the issuing CA .   You need to allow users to request certificates from a Web interface. You install the Active  Directory Certificate Services (AD CS) server role.     What should you do next()
    A

    Configure the Online Responder Role Service on a member server.

    B

    Configure the Online Responder Role Service on a domain controller.

    C

    Configure the Certificate Enrollment Web Service role service on a member server.

    D

    Configure the Certificate Enrollment Web Service role service on a domain controller.


    正确答案: A
    解析: 暂无解析

  • 第8题:

    多选题
    You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an Enterprise Root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server2 to issue certificate revocation lists (CRL) for the enterprise root CA. Which two tasks should you perform()
    A

    Import the enterprise root CA certificate.

    B

    Import the OCSP Response Signing certificate.

    C

    Add the Server1 computer account to the CertPublishers group.

    D

    Set the Startup Type of the Certificate Propagation service to Automatic.


    正确答案: B,C
    解析: 暂无解析

  • 第9题:

    ou have a Windows Server 2008 Enterprise Root CA. Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA. You need to allow users to request certificates from a Web interface. You install the AD CS role. What should you do next()

    • A、Configure the Online Responder Role Service on a member server.
    • B、Configure the Online Responder Role Service on a domain controller.
    • C、Configure the Certification Authority Web Enrollment Role Service on a member server.
    • D、Configure the Certification Authority Web Enrollment Role Service on a domain controller.

    正确答案:C

  • 第10题:

    You have two servers named Server1 and Server2. Both servers run Windows Server 2008. Server1 is configured as an enterprise root certification authority (CA). You install the Online Responder role service on Server2. You need to configure Server1 to support the Online Responder. What should you do()

    • A、Import the enterprise root CA certificate.
    • B、Configure the Certificate Distribution Point (CDP) extension.
    • C、Configure the Authority Information Access (AIA) extension.
    • D、Add the Server2 computer account to the CertPublishers group.

    正确答案:C

  • 第11题:

    单选题
    Your network contains an Active Directory forest. All domain controllers run Windows Server 2008   Standard. The functional level of the domain is Windows Server 2003.  You have a certification authority (CA).   The relevant servers in the domain are configured as shown in the following table.  Server name  Operating system  Server role   Server1  Windows Server 2003  Enterprise root CA  Server2  Windows Server 2008  Enterprise subordinate CA    Server3  Windows Server 2008 R2    Web Server   You need to ensure that you can install the Active Directory Certificate Services (AD CS) Certificate   Enrollment Web Service on the network.   What should you do()
    A

    Upgrade Server1 to Windows Server 2008 R2.

    B

    Upgrade Server2 to Windows Server 2008 R2.

    C

    Raise the functional level of the domain to Windows Server 2008.

    D

    Install the Windows Server 2008 R2 Active Directory Schema updates.


    正确答案: B
    解析: 暂无解析

  • 第12题:

    单选题
    You have a Windows Server 2008 R2 Enterprise Root CA.   Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing  CA.   You need to allow users to request certificates from a Web interface. You install the Active Directory  Certificate Services (AD CS) server role. What should you do next()
    A

    Configure the Online Responder Role Service on a member server.

    B

    Configure the Online Responder Role Service on a domain controller.

    C

    Configure the Certificate Enrollment Web Service role service on a member server.

    D

    Configure the Certificate Enrollment Web Service role service on a domain controller.


    正确答案: D
    解析: 暂无解析

  • 第13题:

    单选题
    Your network contains an Active Directory domain.   You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root  certification authority (CA).   You have a client computer named Computer1 that runs Windows 7.   You enable automatic certificate enrollment for all client computers that run Windows 7.  You need to verify that the Windows 7 client computers can automatically enroll for certificates.  Which command should you run on Computer1()
    A

    certreq.exe retrieve

    B

    certreq.exe submit

    C

    certutil.exe getkey

    D

    certutil.exe pulse


    正确答案: D
    解析: 暂无解析

  • 第14题:

    多选题
    Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perform()
    A

    Publish the code signing template.

    B

    Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admi

    C

    Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.

    D

    Modify the security settings on the template to allow only administrators to request code signing certificates.


    正确答案: C,A
    解析: 暂无解析

  • 第15题:

    单选题
    You have a server that runs Windows Server 2008. You need to prevent the server from establishing communication sessions to other computers by using TCP port 25. What should you do()
    A

     From Windows Firewall, add an exception

    B

     From windows Firewall enable the block all incoming connections option

    C

     From the Windows Firewall with Advanced Security snap-in, create an inbound rule

    D

     From the Windows Firewall with Advanced Security snap-in, create an outbound rule.


    正确答案: C
    解析: 暂无解析

相关内容