You network contains an Active Directory domain named contoso.com. The domain contains an enterprise
certification authority (CA) named CA1.
You have a test environment that is isolated physically from the corporate network and the Internet.
You deploy a web server to the test environment. On CA1, you duplicate the Web Server template, and you
name the template Web_Cert_Test.
For the web server, you need to request a certificate that does not contain the revocation information of CA1.
What should you do first?
A.
From the properties of CA1, allow certificates to be published to the file system.
B.
From the properties of CA1, select Restrict enrollment agents, and then add Web_Cert_Test to the
restricted enrollment agent.
C.
From the properties of Web_Cert_Test, assign the Enroll permission to the guest account.
D.
From the properties of Web_Cert_Test, set the Compatibility setting of CA1 to Windows Server 2016.