You are the network administrator for your company. The network consists of a single Active Directory domain. All computers on the network are members of the domain. The domain contains a Windows Server 2003 computer named Server1. You are planning a public key infrastructure (PKI) for the company.
You want to deploy a certification authority (CA) on Server1. You create a new global security group named Cert Administrators. You need to delegate the tasks to issue, approve, and revoke certificates to members of the Cert Administrators group.
What should you do?
A.
Add the Cert Administrators group to the Cert Publishers group in the domain.
B.
Configure the Certificates Templates container in the Active Directory configuration naming context to assign the Cert Administrators group the Allow – Write permission.
C.
Configure the CertSrv virtual directory on Server1 to assign the Cert Administrators group the Allow – Modify permission.
D.
Assign the Certificate Managers role to the Cert Administrators group.