Your network contains an Active Directory domain named contoso.com.
The network contains a public key infrastructure (PKI).
You deploy a new certificate revocation list (CRL) distribution point (CDP) to a server named
Server1.
You discover that users cannot download delta CRLs from Server1.
You verify that the users can download the complete CRL successfully.
You need to ensure that the users can download delta CRLs from Server1.
Which command should you run?
A.
Appcmd set config “Default Web Site”
/section:system.webServer/Security/requestFiltering -allowDoubleEscaping:True
B.Appcmd set config “Certificates” /section:system.webServer/Security/requestFiltering –
allowDoubleEscaping:False
C.Certutil -setreg CA\CRLDeltaPeriod “Days”
D.Certutil -setreg CA\CRLOverlapPeriod “Days”
Answer is D
Reference: https://technet.microsoft.com/en-us/library/cc731104.aspx
“Applies To: Windows Server 2008 R2, Windows Server 2012
You can adjust the relationship between a certificate revocation list (CRL) and delta CRL by configuring an overlap period between the two. This setting is particularly useful when publication of the next base or delta CRL is delayed or the client is unable to obtain a new CRL or delta CRL at the scheduled publication time.”
Answers A and B seem to be talking about IIS functions for allowing the + sign instead of %20 from what I read (for those interested). I could be wrong, however. Don’t take my word for it. If you’re curious read into it more.
0
0