PrepAway - Latest Free Exam Questions & Answers

Which commandshould you run on Computer1?

Your network contains an Active Directory domain.
You have a servernamed Server1that runs Windows Server 2008 R2.
Server1is an enterprise root certification authority (CA).
You have a clientcomputer named Computer1that runs Windows 7.
You enable automatic certificate enrollment for all client computers that run Windows 7.
You need to verify that the Windows 7 client computers can automatically enroll for certificates.
Which commandshould you run on Computer1?

PrepAway - Latest Free Exam Questions & Answers

A.
certreq.exe retrieve

B.
certreq.exe submit

C.
certutil.exe getkey

D.
certutil.exe pulse

Explanation:
http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/795f209d-b056-4de8-8dcf-7c7f80529aab/
What does “certutil -pulse” command do?
Certutil -pulse will initiate autoenrollment requests.
It is equivalent to doing the following in the CertMgr.msc console (in Vista and Windows 7)
Right-click Certificates, point to All Tasks, click Automatically Enroll and Retrieve
Certificates.
The command does require that
– any autoenrollment GPO settings have already beenapplied to the target user or
computer
– a certificate template enables Read, Enroll and Autoenroll permissions for the user or a
global or universal group containing the user
– The group membership is recognized in the users Token (they have logged on after the
membership was added
http://technet.microsoft.com/library/cc732443.aspx
Certutil
Certutil.exe is a command-line program that is installed as part of Certificate Services. You
can use Certutil.exe to dump and display certification authority (CA) configuration
information, configure Certificate Services, backupand restore CA components, and verify
certificates, key pairs, and certificate chains.
When certutil is run on a certification authority without additional parameters, it displays the
current certification authority configuration. Whencerutil is run on a non-certification
authority, the command defaults to running the certutil -dump verb.
Verbs
The following table describes the verbs that can beused with the certutil command.
..
-pulse
Pulse auto enrollment events
..


Leave a Reply