多选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perfo

题目
多选题
Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perform()
A

Publish the code signing template.

B

Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admi

C

Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.

D

Modify the security settings on the template to allow only administrators to request code signing certificates.

相似考题

1. Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perform()A、Publish the code signing template.B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admiC、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.D、Modify the security settings on the template to allow only administrators to request code signing certificates.

2. Your company has an Active Directory domain. You have a two-tier PKI infrastructure that  contains an offline root CA and an online issuing CA. The Enterprise certification authority is  running Windows Server 2008 R2.   You need to ensure users are able to enroll new certificates.     What should you do()A、Renew the Certificate Revocation List (CRL) on the root CA . Copy the CRL to the CertEnroll folder on the issuing CB、Renew the Certificate Revocation List (CRL) on the issuing CA . Copy the CRL to the SystemCertificates folder in thC、Import the root CA certificate into the Trusted Root Certification Authorities store on all client workstations.D、Import the issuing CA certificate into the Intermediate Certification Authorities store on all client workstations.

3. Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()A、Install and configure IIS on a member server.B、Configure a shared folder on a member server.C、Install and configure Microsoft SQL Server 2008 on a member server.D、Configure permissions for the shared folder on a member server.

4. Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your   company uses an Enterprise Root certificate authority (CA).    You need to ensure that revoked certificate information is highly available.    What should you do()A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and  Acceleration Server array.C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to  the domain.

更多“多选题Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perfo”相关问题

  • 第1题:

    Your company has an Active Directory domain. All servers run Windows Server 2008. You deploy a Certification Authority (CA) server. You create a new global security group named CertIssuers. You need to ensure that members of the CertIssuers group can issue, approve, and revoke certificates. What should you do()

    • A、Assign the Certificate Manager role to the CertIssuers group.
    • B、Place CertIssuers group in the Certificate Publisher group
    • C、Run the certsrv -add CertIssuers command promt of the certificate server
    • D、Run the add -member-membertype memberset CertIssuers command by using Microsoft WindowsPowershell

    正确答案:A

  • 第2题:

    Your company has an Active Directory domain. All servers run Windows Server 2008. Your company uses an ENterprise Root certification authority (CA) and an Enterprise Intermediate CA. The Enterprise intermediate CA certificate expires. You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()

    • A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.
    • B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.
    • C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group object.
    • D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.

    正确答案:D

  • 第3题:

    Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA.  What should you do?()

    • A、 Assign the user account to the CA Admin role.
    • B、 Add the user account to the local Administrators group.
    • C、 Grant the user the Back up files and directories user right.
    • D、 Grant the user the Manage auditing and security log user right.

    正确答案:B

  • 第4题:

    Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA.     The Enterprise Intermediate CA certificate expires.     You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain.     What should you do()

    • A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.
    • B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA server.
    • C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers group policy ob
    • D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy object.

    正确答案:D

  • 第5题:

    Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()

    • A、Install and configure IIS on a member server.
    • B、Configure a shared folder on a member server.
    • C、Install and configure Microsoft SQL Server 2008 on a member server.
    • D、Configure permissions for the shared folder on a member server.

    正确答案:A,C

  • 第6题:

    Your company has an Active Directory domain. All servers run Windows Server 2008 R2.     Your company uses an Enterprise Root certificate authority (CA). You need to ensure that  revoked certificate information is highly available.   What should you do()

    • A、Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.
    • B、Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration S
    • C、Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).
    • D、Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.

    正确答案:A

  • 第7题:

    Your network contains an Active Directory domain.     You have a server named Server1 that runs Windows Server 2008 R2. Server1 is an enterprise root certification authority (CA).   You have a client computer named Computer1 that runs Windows 7. You enable automatic  certificate enrollment for all client computers that run Windows 7. You need to verify that the  Windows 7 client computers can automatically enroll for certificates.     Which command should you run on Computer1()

    • A、certreq.exe -retrieve
    • B、certreq.exe -submit
    • C、certutil.exe -getkey
    • D、certutil.exe -pulse

    正确答案:D

  • 第8题:

    多选题
    Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate Services  (AD CS) is configured as a standalone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()
    A

    Configure auditing in the Certification Authority snap-in.

    B

    Enable  auditing  of  successful  and  failed  attempts  to  change  permissions  on  files  in  the %SYSTEM32%/CertSrv directory.

    C

    Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.

    D

    Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate  Services (AD CS) server.


    正确答案: C,A
    解析: 暂无解析

  • 第9题:

    多选题
    Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. Your environment includes Microsoft Enterprise Desktop Virtualization (MED-V). You use MED-V to support temporary test environments. You need to ensure that the disk space used by obsolete Workspaces is automatically minimized. Which two actions should you perform?()
    A

    Configure the Workspace as revertible.

    B

    Set an expiration date for the Workspace.

    C

    Specify the number of image versions to keep.

    D

    Configure automatic deletion of the Workspace.


    正确答案: B,C
    解析: 暂无解析

  • 第10题:

    多选题
    Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008. You need to ensure that all public DNS quieries are channeled through a singlecahing- only DNS server. Which two actions should you perform?()
    A

    Disable the root hints

    B

    Enable BIND secondaries

    C

    Configure a forwarder to the caching DNS server

    D

    Configure a GlobalNames host (A) record for the hostname of the caching DNS server


    正确答案: C,A
    解析: 暂无解析

  • 第11题:

    单选题
    Your company has a single Active Directory directory service domain. All servers in your environment run Windows Server 2003. You have a stand-alone server that serves as a Stand-alone root certification authority (CA). You need to ensure that a specific user can back up the CA and configure the audit parameters on the CA.  What should you do?()
    A

     Assign the user account to the CA Admin role.

    B

     Add the user account to the local Administrators group.

    C

     Grant the user the Back up files and directories user right.

    D

     Grant the user the Manage auditing and security log user right.


    正确答案: D
    解析: 暂无解析

  • 第12题:

    多选题
    Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()
    A

    Install and configure IIS on a member server.

    B

    Configure a shared folder on a member server.

    C

    Install and configure Microsoft SQL Server 2008 on a member server.

    D

    Configure permissions for the shared folder on a member server.


    正确答案: A,D
    解析: 暂无解析

  • 第13题:

    Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company uses an Enterprise Root certification authority (CA) and an Enterprise Intermediate CA.  The Enterprise Intermediate CA certificate expires.    You need to deploy a new Enterprise Intermediate CA certificate to all computers in the domain. What should you do()

    • A、Import the new certificate into the Intermediate Certification Store on the Enterprise Root CA server.
    • B、Import the new certificate into the Intermediate Certification Store on the Enterprise Intermediate CA  server.
    • C、Import the new certificate into the Intermediate Certification Store in the Default Domain Controllers  group policy object.
    • D、Import the new certificate into the Intermediate Certification Store in the Default Domain group policy  object.

    正确答案:D

  • 第14题:

    Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company runs an Enterprise Root certification authority (CA).   You need to ensure that only administrators can sign code. Which two task should you perform()

    • A、Publish the code signing template.
    • B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and  allow only administrators to apply the policy.
    • C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted  Publishers.
    • D、Modify the security settings on the template to allow only administrators to request code signing  certificates.

    正确答案:A,D

  • 第15题:

    Your company has an Active Directory forest that contains only Windows Server 2003 domain controllers. You need to prepare the Active Directory domain to install Windows Server 2008 domain controllers. Which two tasks should you perform()

    • A、Run the adprep /forestprep command.
    • B、Run the adprep /domainprep command.
    • C、Raise the forest functional level to Windows Server 2008.
    • D、Raise the domain functional level to Windows Server 2008.

    正确答案:A,B

  • 第16题:

    Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008. You need to ensure that all public DNS quieries are channeled through a singlecahing- only DNS server. Which two actions should you perform?() 

    • A、Disable the root hints
    • B、Enable BIND secondaries
    • C、Configure a forwarder to the caching DNS server
    • D、Configure a GlobalNames host (A) record for the hostname of the caching DNS server

    正确答案:A,C

  • 第17题:

    Your company has an Active Directory domain. All servers run Windows Server 2008. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform()

    • A、Publish the code signing template.
    • B、Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.
    • C、Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.
    • D、Modify the security settings on the template to allow only administrators to request code signing certificates.

    正确答案:A,D

  • 第18题:

    Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate Services  (AD CS) is configured as a standalone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()

    • A、Configure auditing in the Certification Authority snap-in.
    • B、 Enable  auditing  of  successful  and  failed  attempts  to  change  permissions  on  files  in  the %SYSTEM32%/CertSrv directory.
    • C、Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.
    • D、Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate  Services (AD CS) server.

    正确答案:A,D

  • 第19题:

    多选题
    Your company has an Active Directory domain. All servers run Windows Server 2008. Your company runs an Enterprise Root certification authority (CA). You need to ensure that only administrators can sign code. Which two tasks should you perform()
    A

    Publish the code signing template.

    B

    Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only administrators to apply the policy.

    C

    Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.

    D

    Modify the security settings on the template to allow only administrators to request code signing certificates.


    正确答案: A,B
    解析: 暂无解析

  • 第20题:

    多选题
    Your company has an Active Directory domain. All servers run Windows Server 2008 R2.  Your  company runs an Enterprise Root certification authority (CA).   You need to ensure that only administrators can sign code. Which two task should you perform()
    A

    Publish the code signing template.

    B

    Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and  allow only administrators to apply the policy.

    C

    Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted  Publishers.

    D

    Modify the security settings on the template to allow only administrators to request code signing  certificates.


    正确答案: B,D
    解析: 暂无解析

  • 第21题:

    多选题
    Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your  company runs an Enterprise Root certification authority (CA).     You need to ensure that only administrators can sign code.     Which two tasks should you perform()
    A

    Publish the code signing template.

    B

    Edit the local computer policy of the Enterprise Root CA to allow users to trust peer certificates and allow only admi

    C

    Edit the local computer policy of the Enterprise Root CA to allow only administrators to manage Trusted Publishers.

    D

    Modify the security settings on the template to allow only administrators to request code signing certificates.


    正确答案: C,A
    解析: 暂无解析

  • 第22题:

    多选题
    Your company has a server that runs Windows Server 2008 R2. Active Directory Certificate  Services (AD CS) is configured as a standalone Certification Authority (CA) on the server. You  need to audit changes to the CA configuration settings and the CA security settings.     Which two tasks should you perform()
    A

    Configure auditing in the Certification Authority snap-in.

    B

    Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32%/CertSrv dire

    C

    Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%/CertLog directory.

    D

    Enable the Audit object access setting in the Local Security Policy for the Active Directory Certificate Services


    正确答案: C,B
    解析: 暂无解析

  • 第23题:

    多选题
    Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run Windows Server 2008 R2.You need to ensure that all public DNS queries are channeled through a single-caching-only DNS server. Which two actions should you perform?()
    A

    Disable the root hints.

    B

    Enable BIND secondaries.

    C

    Configure a forwarder to the caching DNS server.

    D

    Configure a GlobalNames host (A) record for the hostname of the caching DNS server.


    正确答案: D,C
    解析: 暂无解析

  • 第24题:

    多选题
    Your company has an Active Directory Domain Services (AD DS) domain. All servers run Windows Server 2008 R2. All client computers run Windows 7. You manage client computers by using Microsoft System Center Configuration Manager 2007 R2. You are deploying Microsoft Enterprise Desktop Virtualization (MED-V) to support client virtualization requirements. You need to ensure that administrators can centrally store MED-V logging information and generate reports. Which two actions should you perform?()
    A

    Install and configure IIS on a member server.

    B

    Configure a shared folder on a member server.

    C

    Install and configure Microsoft SQL Server 2008 on a member server.

    D

    Configure permissions for the shared folder on a member server.


    正确答案: A,C
    解析: 暂无解析

相关内容