单项选择题
You have an enterprise subordinate certification authority (CA). You have a custom Version 3 certificate template.
Users can enroll for certificates based on the custom certificate template by using the Certificates console.
The certificate template is unavailable for Web enrollment. You need to ensure that the certificate template is available on the Web enrollment pages.
What should you do()
A.Run certutil.exe -pulse.
B.Run certutil.exe -installcert.
C.Change the certificate template to a Version 2 certificate template.
D.On the certificate template, assign the Autoenroll permission to the users.
相关考题
-
多项选择题
You have Active Directory Certificate Services (AD CS) deployed. You create a custom certificate template. You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template. Which two actions should you perform()
A.In a Group Policy object (GPO), configure the autoenrollment settings.
B.In a Group Policy object (GPO), configure the Automatic Certificate Request Settings.
C.On the certificate template, assign the Read and Autoenroll permission to the Authenticated Users group.
D.On the certificate template, assign the Read, Enroll, and Autoenroll permission to the Domain Users group. -
单项选择题
You have an enterprise subordinate certification authority (CA). The CA is configured to use a hardware security module. You need to back up Active Directory Certificate Services on the CA. Which command should you run()
A.certutil.exe -backup
B.certutil.exe -backupdb
C.certutil.exe -backupkey
D.certutil.exe -store -
单项选择题
You have an enterprise subordinate certification authority (CA) configured for key archival. Three key recovery agent certificates are issued. The CA is configured to use two recovery agents. You need to ensure that all of the recovery agent certificates can be used to recover all new private keys. What should you do()
A.Add a data recovery agent to the Default Domain Policy.
B.Modify the value in the Number of recovery agents to use box.
C.Revoke the current key recovery agent certificates and issue three new key recovery agent certificates.
D.Assign the Issue and Manage Certificates permission to users who have the key recovery agent certificates.
