Which certification authority should you recommend installing on Server4?
Your network consists of one Active Directory domain that contains servers that n.ai Windows Server 2008 R2. The relevant servers are configured as shown in the following table.
The relevant portion of the network is shown in the exhibit. (Click the Exhibit button.)
Server3 hosts a secure Web site. You want remote users to access the secure Web site by using a Secure
Socket Layer (SSL) connection throu the Internet. A server certificate issued by Server2 is installed on Server3.
You need to recommend a solution that will enable the distribution of certificates to the remote users.
The solution must meet the following requirements:
the certification authority must be automatically trusted.
Remote users connecting to Server3 must use client certificates issued by Server4.
A minimum amount of TCP/IP ports must be opened on the firewall that connects the perimeter network and the internal network
Which certification authority should you recommend installing on Server4?
What should you include in your plan?
Your network contains servers that run Windows Server 2008 R2 and client computers that run Windows 7.
You deploy a public key infrastructure by using Certificate Services servers that run Windows Server 2008 R2.
You need to plan the implementation of smart card authentication on the network.
The solution must meet the following requirements:
Help desk users must only be able to enroll user certificates.
Managers must be able to enroll smartcards for other employees.
Managers must be able to use their client computers to manage certificates.
What should you include in your plan?
What should you include in your plan?
You network consist of one Active Directory domain and three Network Information Services (NIS) domains. All domain controllers run Windows
Server 2008 R2. All NIS domain servers run UNIX-based operating systems.
You need to plan the integration of the Active Directory domain and the NIS domains.
The solution must meet the following requirements:
Minimize the Costs required to implement the solution.
Minimize the number of additional Windows servers required.
Provide centralized administration of Active Directory domain objects and NIS domain objects.
What should you include in your plan?
You need to configure a password replication policy that supports the company security policy
Your company has one main office and four branch offices. Each branch office has a read-only domain controller (RODC).
The network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2. Some branch office users work in a department named Sales. Sales department users must be able to log on to all computers in their respective branch offices, even if a wide area network (WAN) link fails.
The company security policy has the following requirements:
User account passwords must be replicated to the minimum number of locations.
A minimum number of passwords must be replicated to the branch office domain controllers
You need to configure a password replication policy that supports the company security policy.
What should you do?
You need to prevent custom application passwords from being replicated to the ROOCs
Your network consists of one Active Directory domain. All domain controllers run either Windows Server 2008 R2 or Windows Server 2003 SP2. A custom application stores passwords in Active Directory. You plan to deploy read-only domain controllers (RODCs) on the network.
You need to prevent custom application passwords from being replicated to the ROOCs.
What should you do?
You need to deploy Active Directory Certificate Services on the network to support the following requirements:
Your network consists of one Active Directory domain. All domain controllers run Windows Server 2008 R2.
You need to deploy Active Directory Certificate Services on the network to support the following requirements:
Maintain availability if a single server fails.
Delegate the enrollment of certificates for separate groups of users,
Restrict the types of certificates that can be issued by a certificate manager.
What should you do?
You need to prepare the environment so that users from contoso
Your company named Contoso, Ltd. and another company named Fabrikam, Inc. establish a partnership. The Contoso network consists of one Active Directory forest named contoso.com. The Fabrikam network consists of one Active Directory forest named fabnkam.com.
Users from contoso.com plan to share files with users from fabrikam.com.
You need to prepare the environment so that users from contoso.com can protect confidential files from being copied or forwarded to unauthorized users.
What should you do?
What should you recommend?
Your network consists of one Active Directory domain. The functional level of the domain is Windows Server 2008 R2.
Your company has three departments named Sales, Marketing, and Engineering. All users in the domain are in an organizational unit (OU) named AllUsers.
You have three custom applications. You deploy all custom applications by using a Group Policy object (GPO) named AppInstall.
The Sales department purchases a new application that is only licensed for use by the Sales department.
You need to recommend a solution to simplify the distribution of the new application.
The solution must meet the following requirements:
The application must only be distributed to licensed users.
The amount of administrative effort required to manage the users must remain unaffected.
The three custom applications must be distributed to all existing and new users on the network.
What should you recommend?
You need to prepare the network for the installation of the RODC
Your network consists of one Active Directory forest. The functional level of the forest is Windows Server 2003.
You upgrade all domain controllers from Windows Server 2003 SP2 to Windows Server 2008 R2. You plan to deploy the first read-only domain controller (RODC) in the forest.
You need to prepare the network for the installation of the RODC.
What should you do?
What should you recommend?
Your network consists of one Active Directory domain. The functional level of the domain is Windows Server 2008 R2.
Your company has 10 departments. Each department has a department manager and a department administrator. Some department administrators are responsible for multiple departments. You have an organizational unit (OU) named AllUsers that contains all user accounts.
You need to recommend a solution to simplify the management of all users in the domain.
The solution must meet the following requirements:
Department managers must only be able to reset passwords for users in their respective departments.
Department administrators must only be able to modify user accounts in their respective departments.
Only the respective department administrators and managers must be able to manage the accounts of users who are transferred to their departments from other
departments.
What should you recommend?