多项选择题
Your company has a server that runs Windows Server 2008. Certification Services is configured as a stand-alone Certification Authority (CA) on the server. You need to audit changes to the CA configuration settings and the CA security settings. Which two tasks should you perform()
A.Configure auditing in the Certification Services snap-in.
B.Enable auditing of successful and failed attempts to change permissions on files in the %SYSTEM32% \CertSrv directory.
C.Enable auditing of successful and failed attempts to write to files in the %SYSTEM32%\CertLog directory.
D.Enable the Audit object access setting in the Local Security Policy for the Certification Services server.
相关考题
-
单项选择题
YourcompanyusesaWindows2008Enterprisecertificateauthority(CA)toissuecertificates.Youneedtoimplementkeyarchival.Whatshouldyoudo()
A.Archive the private key on the server.
B.Apply the Hisecdc security template to the domain controllers.
C.Configure the certificate for automatic enrollment for the computers that store encrypted files.
D.Install an Enterprise Subordinate CA and issue a user certificate to users of the encrypted files. -
单项选择题
ouhaveaWindowsServer2008EnterpriseRootCA.Securitypolicypreventsport443andport80frombeingopenedondomaincontrollersandontheissuingCA.YouneedtoallowuserstorequestcertificatesfromaWebinterface.YouinstalltheADCSrole.Whatshouldyoudonext()
A.Configure the Online Responder Role Service on a member server.
B.Configure the Online Responder Role Service on a domain controller.
C.Configure the Certification Authority Web Enrollment Role Service on a member server.
D.Configure the Certification Authority Web Enrollment Role Service on a domain controller. -
单项选择题
YourcompanyhasanActiveDirectorydomain.AlIserversrunWindowsServer2008.YourcompanyusesanEnterpriseRootcertificateauthority(CA).Youneedtoensurethatrevokedcertificateinformationishighlyavailable.Whatshouldyoudo()
A.Implement an Online Certificate Status Protocol (OCSP) responder by using Network Load Balancing.
B.Implement an Online Certificate Status Protocol (OCSP) responder by using an Internet Security and Acceleration Server array.
C.Publish the trusted certificate authorities list to the domain by using a Group Policy Object (GPO).
D.Create a new Group Policy Object (GPO) that allows users to trust peer certificates. Link the GPO to the domain.
