Your network contains an Active Directory domain named adatum.com. The domain contains a
server named CA1 that runs Windows Server 2012 R2. CA1 has the Active Directory Certificate
Services server role installed and is configured to support key archival and recovery.
You need to ensure that a user named User1 can decrypt private keys archived in the Active
Directory Certificate Services (AD CS) database.
The solution must prevent User1 from retrieving the private keys from the AD CS database.
What should you do?
A.
Assign User1 the Issue and Manage Certificates permission to Server1.
B.
Assign User1 the Read permission and the Write permission to all certificate templates.
C.
Provide User1 with access to a Key Recovery Agent certificate and a private key.
D.
Assign User1 the Manage CA permission to Server1.
Explanation:
http://social.technet.microsoft.com/wiki/contents/articles/7573.active-directory-certificateservices-pki-keyarchival-and-management.aspx#Protecting_Key_Recovery_Agent_Keys
The answer is C, just like the curve of the ball that I bent….
This is for you Hassan
0
0
So much cringe.
0
0
正規販売代理店,100%品質保証!
超激得通販!
【超人気新品】史上最も激安い!最安値に挑戦!
クリスマス賛発売!
超人気高品質100%品質保障!
今79%OFF、税金入れ、ベストプライスをお楽しみください
送料無料で販売、最大70%の割引
発売中高級品アウトレット割引を提供
割引80%オフまで
【正規品】激安専門店.
超安値登場!品質保証、最安値に挑戦!
オンラインストアオファー激安輸出
高品質とリーズナブルで販売
超人気【楽天市場】
オンラインストアは、ご来店ありがとうございます.
0
0