Which two actions should you perform?
Your network contains an Active Directory domain named contoso.com. The domain contains a certification
authority (CA).
You suspect that a certificate issued to a Web server is compromised.
You need to minimize the likelihood that users will trust the compromised certificate.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
Which type of trust policy should you create?
Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management Services
server role installed.
Your company works with a partner organization that does not have its own Active Directory Rights
Management Services (AD RMS) implementation.
You need to create a trust policy for the partner organization.
The solution must meet the following requirements:
Grant users in the partner organization access to protected content.
Provide users in the partner organization with the ability to create protected content.Which type of trust policy should you create?
Which two permissions should you assign to Group1?
Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Certificate Services server role
installed and is configured to support key archival and recovery.
You create a new Active Directory group named Group1.
You need to ensure that the members of Group1 can request a Key Recovery Agent certificate. The solution
must minimize the permissions assigned to Group1.
Which two permissions should you assign to Group1? (Each correct answer presents part of the solution.
Choose two.)
Which type of trust policy should you create?
Your network contains an Active Directory forest named adatum.com. The forest contains an Active Directory
Rights Management Services (AD RMS) cluster.
A partner company has an Active Directory forest named litwareinc.com. The partner company does not have
AD RMS deployed.
You need to ensure that users in litwareinc.com can consume rights-protected content from adatum.com.
Which type of trust policy should you create?
You need to ensure that AD RMS clients can discover the…
Your network contains an Active Directory domain named contoso.com.
You deploy a server named Server1 that runs Windows Server 2012 R2.
A local administrator installs the Active Directory Rights Management Services server role on Server1.You need to ensure that AD RMS clients can discover the AD RMS cluster automatically.
What should you do?
What should you modify?
Your network contains an Active Directory domain named corp.contoso.com. You deploy Active Directory
Rights Management Services (AD RMS).
You have a rights policy template named Template1. Revocation is disabled for the template. A user named
User1 can open content that is protected by Template1 while the user is connected to the corporate network.
When User1 is disconnected from the corporate network, the user cannot open the protected content even if
the user previously opened the content.
You need to ensure that the content protected by Template1 can be opened by users who are disconnected
from the corporate network.
What should you modify?
Which tool should you use?
Your network contains an Active Directory domain named contoso.com. The domain contains a server namedServer1 that runs Windows Server 2012.
Server1 is the enterprise root certification authority (CA) for contoso.com.
You need to enable CA role separation on Server1.
Which tool should you use?
Which two actions should you perform?
You have an Active Directory Rights Management Services (AD RMS) cluster.
You need to prevent users from encrypting new content. The solution must ensure that the users can continue
to decrypt content that was encrypted already.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
Which two intended purposes should the certificate for …
Your network contains an Active Directory domain named contoso.com. The domain contains two servers
named Server1 and Server2. Both servers have the Hyper-V server role installed.
You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using
Secure Sockets Layer (SSL).
You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted.
Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of
the solution. Choose two.)
You need to ensure that all the members of Group1 can u…
****Your network contains an Active Directory domain named contoso.com. The domain contains a server
named Server1 that runs Windows Server 2012 R2. Server1 has the Active Directory Rights Management
Services server role installed.
The domain contains a domain local group named Group1. You create a rights policy template named
Template1. You assign Group1 the rights to Template1.
You need to ensure that all the members of Group1 can use Template1.
What should you do?