You need to ensure that a user named User1 can decrypt …

seenagapeNovember 9, 2017

Your network contains an Active Directory domain named adatum.com. The domain contains a server named
CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate Services server role installed
and is configured to support key archival and recovery.
You need to ensure that a user named User1 can decrypt private keys archived in the Active Directory
Certificate Services (AD CS) database. The solution must prevent User1 from retrieving the private keys from
the AD CS database.
What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
Assign User1 the Issue and Manage Certificates permission to CA1.

B.
Assign User1 the Read permission and the Write permission to all certificate templates.

C.
Provide User1 with access to a Key Recovery Agent certificate and a private key.

D.
Assign User1 the Manage CA permission to CA1.

Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7573.active-directory-certificate-services-pkikeyarchival-and-management.aspx#Protecting_Key_Recovery_Agent_Keys

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Microsoft Exam Questions

Free Microsoft Study Guide

You need to ensure that a user named User1 can decrypt …

Leave a Reply Cancel reply