Yournetwork contains an Active Directory domain named contoso.com.
The domain contains a domain controller named DC1 that runs Windows Server 2012 R2.
DC1 has the DNS Server server role installed.
The network contains client computers that run either Linux, Windows 7, or Windows 8.
Youhave a zone named adatum.com as shown in the exhibit. (Click the Exhibit button.)

You plan to configure Name Protection on all of the DHCP servers.
You need to configure the adatum.com zone to support Name Protection.
What should you do?

Which security groups must a user account be a member of to modify the AD RMS SCP? (Choose
two answers. Each answer forms part of a complete solution.)

Which of the following would you configure if you wanted to block computers running Windows 7
and earlier operating systems from consuming AD RMS-protected content?

Youwant to enable key archiving on a CA.
Youneed to issue a certificate from a specific template to the user who will recover private keys.
Which certificate template will you use as the basis for this certificate?

Which of the following must you back up or have a copy of to be able to ensure that you can restore
an AD RMS cluster in the event that a single server hosting all AD RMS components suffers
complete data loss? (Choose three answers.)

Which group policy item should you configure to enable automatic reenrollment of certificates?

Youneed to ensure that clients will check at least every 30 minutes as to whether a certificate has
been revoked. Which of the following should you configure to accomplish this goal?

Which of the following revocation statuses can you change to alter the status of a certificate from
revoked to valid?

Which of the following CA types would you deploy if you wanted to deploy a CA at the top of a
hierarchy that could issue signing certificates to other CAs and which would be taken offline if not
issuing, renewing, or revoking signing certificates?

Which of the following CA types must be deployed on domain-joined computers?