单项选择题
You have an enterprise subordinate certification authority (CA). The CA issues smart card logon certificates.
Users are required to log on to the domain by using a smart card. Your company’s corporate security policy states that when an employee resigns, his ability to log on to the network must be immediately revoked.
An employee resigns. You need to immediately prevent the employee from logging on to the domain.
What should you do()
A.Revoke the employee’s smart card certificate.
B.Disable the employee’s Active Directory account.
C.Publish a new delta certificate revocation list (CRL).
D.Reset the password for the employee’s Active Directory account.
相关考题
-
单项选择题
Your network contains an enterprise root certification authority (CA). You need to ensure that a certificate issued by the CA is valid. What should you do()
A.Run syskey.exe and use the Update option.
B.Run sigverif.exe and use the Advanced option.
C.Run certutil.exe and specify the -verify parameter.
D.Run certreq.exe and specify the -retrieve parameter. -
单项选择题
You have a server named Server1 that has the following Active Directory Certificate Services (AD CS) role services installed: -Enterprise root certification authority (CA) -Certificate Enrollment Web Service -Certificate Enrollment Policy Web Service You create a new certificate template. External users report that the new template is unavailable when they request a new certificate. You verify that all other templates are available to the external users. You need to ensure that the external users can request certificates by using the new template. What should you do on Server1()
A.Run iisreset.exe /restart.
B.Run gpupdate.exe /force.
C.Run certutil.exe -dspublish.
D.Restart the Active Directory Certificate Services service. -
单项选择题
Your network contains two Active Directory forests named contoso.com and adatum.com. The functional level of both forests is Windows Server 2008 R2. Each forest contains one domain. Active Directory Certificate Services (AD CS) is configured in the contoso.com forest to allow users from both forests to automatically enroll user certificates. You need to ensure that all users in the adatum.com forest have a user certificate from the contoso.com certification authority (CA). What should you configure in the adatum.com domain()
A.From the Default Domain Controllers Policy, modify the Enterprise Trust settings.
B.From the Default Domain Controllers Policy, modify the Trusted Publishers settings.
C.From the Default Domain Policy, modify the Certificate Enrollment policy.
D.From the Default Domain Policy, modify the Trusted Root Certification Authority settings.
