Save
Busy. Please wait.
Log in with Clever
or

show password
Forgot Password?

Don't have an account?  Sign up 
Sign up using Clever
or

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
Your email address is only used to allow you to reset your password. See our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.
focusNode
Didn't know it?
click below
 
Knew it?
click below
Don't Know
Remaining cards (0)
Know
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

70-640

Active Directory Certification

QuestionAnswer
You are a domain administrator for a child domain in a multi domain Active Directory forest. Your company does not presently have a certification authority (CA) hierarchy implemented. You want to install a CA that will issue certificates for smart card Have a member of the Enterprise Admins group install an enterprise root CA in your child domain and configure it to issue smart card certificates.
You are the administrator of a small network with a single Active Directory domain. The information produced by your company is very valuable and could devastate your company’s business if leaked to competitors. You want to tighten network security by r Install a standalone root CA.
You are an administrator for a large corporation. Your department uses a single domain within the company’s multi-tree forest. Your department uses the entire building and is the only domain on the local subnet. You have a T3 connection to corporate hea Implement an enterprise root CA.
You are the administrator for a large company. You have a mix of Windows 2003 and 2008 servers throughout your organization and clients include Windows XP Professional and Windows Vista Business. You work in the engineering research department. Your com Add an enterprise root CA to issue the EFS certificates.
You are the manager for the westsim.com domain. You have previously installed Active Directory Certificate Services on a Windows Server 2008 server named CA1. CA1 is configured as an offline standalone root CA. You want to install Certificate Services o Create a new private key. Save the request as a file.
You are the manager for the westsim.com domain. You have previously installed Active Directory Certificate Services on a Windows Server 2008 server named CA1. CA1 is configured as an enterprise root CA. You want to install Certificate Services on a new On CA2, generate a private key and submit a certificate request to CA1. Add the certificate from CA1 to the trusted root store on CA2.
You are the manager for the westsim.com domain. You have previously installed Active Directory Certificate Services on a Windows Server 2008 server named CA1. CA1 is configured as an enterprise root CA. You install a new CA named CA2 as a subordinate st Add the certificate from CA1 to the trusted root store on CA2.
You are the manager for the westsim.com domain. You decide that you need to implement a Public Key Infrastructure (PKI) so that you can establish trust between your organization and various partner organizations. Prior to installing Active Directory Cer Create a Certificate Practice Statement (CPS).
You manage a network with a single domain named eastsim.com. You have a single server running Windows Server 2008 Enterprise edition. The server is not a member of the domain. You want to use this server to issue certificates using the autoenrollment fe Join the computer to the domain.
You are the administrator for the westsim.private network. The network has a single domain. The forest and domains are at Windows Server 2003 functional level. You want to configure certificates for EFS recovery agents. Certificate requests must be appr Grant the EFS Agents group the Allow Issue and Manage Certificates permission to the CA.
You manage Certificate Services for the widgets.com domain. You have just installed an enterprise root CA. You would like to archive the CA's private key. You plan on putting the private key on a USB drive, and then store the USB drive in a safe deposit In the Certification Authority console, back up the CA.
You manage Certificate Services for the westsim.com domain. Your CA hierarchy contains a single CA named CA1. You want to save the private keys for all certificates issued by the CA so that they can be restored if the private keys are destroyed. What In the Certification Authority console, enable key archival on the CA.
You manage Certificate Services for the westsim.com domain. Your CA hierarchy contains a single CA named CA1. You have configured key archival for all issued certificates and for the CA. Susan Wells calls to say that her hard disk crashed today, losin On CA1, log on as a recovery agent. Restore her private key. Copy the private key to her new computer.
You manage Certificate Services for the widgets.com domain. You have installed a single CA named CA1 as an offline, standalone root CA. You are getting ready to install a second CA in your hierarchy. You want to use this CA to issue certificates to user Install the CA as an enterprise subordinate CA. On the CA properties, configure one or more recovery agents.
You manage Certificate Services for the westsim.com domain. Your CA hierarchy contains a single CA named CA1. You configure a certificate template named EFSTemplate for EFS encryption. In the template, you designate that the certificate requests must be Add EFSMgr as a certificate manager on CA1.
You manage Certificate Services for the westsim.com domain. Your CA hierarchy contains a root CA named CA1 and several subordinate CAs. You have a staff of assistants, many of whom are allowed to manage the CAs. You decide that you want to keep track of Configure auditing for specific events on each CA. Enable object access auditing in a GPO that applies to the CAs.
You manage Certificate Services for the westsim.com domain. Your CA hierarchy contains a single CA named CA1. You have several certificate templates that are configured to require manager approval before they can be issued. On the CA, you have granted Edit the CA properties. On the Certificate Managers tab, restrict management of the EFSTemplate certificate to the CertAdmins group.
You have a Certification Authority installed on the CA1 server. You want to migrate the server to a new server with newer hardware. You have performed the necessary backup operations on CA1. You now need to perform the necessary steps to move the CA to 1. Install Certificate Services. 2. Stop the CA service. 3. Restore the CA settings from the backup. 4. Restore the registry settings. 5. Start the CA service. 6. Reconfigure issued templates. The certificate templates are stored in Active Direc
You are the security administrator for your Active Directory domain. Your domain controllers are running Windows 2008. An Enterprise root CA has been installed in your domain. Your company is using Exchange 2003 and Outlook 2003 for e-mail. You are prep Issue a Key Recovery Agent certificate to a trusted administrator and configure the Enterprise CA for the archival of private keys. Have users export their Exchange User Certificate with private key to diskette by using the Certificates snap-in. Store
You are the security administrator for your organization's Active Directory Forest. You have implemented a CA hierarchy using Windows 2008 Enterprise servers. You need to make sure that you can restore your CAs and their databases in the case of a serve Perform a system state backup on the CA servers and secure the media.
You are working as an administrator for a single Active Directory domain running in Windows Server 2003 functional level. The network consists of multiple domain controllers and member servers running Windows Server 2008. On one of the member servers, you Add the group GG-EnrollmentAgent to the ACL of the certificate template and select Read and Enroll permission.
You manage Certificate Services for the westsim.com domain. You have a single CA installed as an enterprise root CA that runs Windows Server 2008. You want to configure autoenrollment for computer certificates. When you edit the Computer certificate tem Duplicate the Computer certificate.
You manage Certificate Services for the westsim.com domain. You have a single CA installed as an enterprise root CA that runs Windows Server 2008. You want to allow users of the Research department to request certificates for EFS. You duplicate the Basi On the CA, issue the certificate template.
You manage Certificate Services for the westsim.com domain. You have a single CA installed as an enterprise root CA that runs Windows Server 2008. You duplicate the Basic EFS certificate template, and configure the CA to issue the certificate. You wan Grant Read and Write permissions to the certificate template.
You want to save the private keys issued for all certificates issued by the CA so that they can be restored if the private keys are destroyed. You want to allow members of the EFSAdmins group to recover the private keys if necessary. How do you configur For the CA, enable key archival and add the certificates for the recovery agents. Duplicate the Recovery Agent certificate template, granting the Read and Enroll permissions to the EFSAdmins group. Have each user request a certificate using the new te
Created by: 1016873780
Popular Computers sets

 

 



Voices

Use these flashcards to help memorize information. Look at the large card and try to recall what is on the other side. Then click the card to flip it. If you knew the answer, click the green Know box. Otherwise, click the red Don't know box.

When you've placed seven or more cards in the Don't know box, click "retry" to try those cards again.

If you've accidentally put the card in the wrong box, just click on the card to take it out of the box.

You can also use your keyboard to move the cards as follows:

If you are logged in to your account, this website will remember which cards you know and don't know so that they are in the same box the next time you log in.

When you need a break, try one of the other activities listed below the flashcards like Matching, Snowman, or Hungry Bug. Although it may feel like you're playing a game, your brain is still making more connections with the information to help you out.

To see how well you know the information, try the Quiz or Test activity.

Pass complete!
"Know" box contains:
Time elapsed:
Retries:
restart all cards