You need to ensure that the users can send and receive digitally signed email messages without receiving a warning message

You have an Exchange Server 2013 organization.
All users are issued certificates from an internal certification authority (CA).
Users who have a laptop can access their mailbox from the Internet by using Outlook Anywhere.
When the users attempt to view or to create digitally signed email messages while they are
connected to the Internet, the users receive a warning message.
When the users use their laptop on the internal network, the users do not receive a warning
message.
You need to ensure that the users can send and receive digitally signed email messages without
receiving a warning message.
What should you do?

You have an Exchange Server 2013 organization.
All users are issued certificates from an internal certification authority (CA).
Users who have a laptop can access their mailbox from the Internet by using Outlook Anywhere.
When the users attempt to view or to create digitally signed email messages while they are
connected to the Internet, the users receive a warning message.
When the users use their laptop on the internal network, the users do not receive a warning
message.
You need to ensure that the users can send and receive digitally signed email messages without
receiving a warning message.
What should you do?

A.
Publish the root certificate of the CA to a server that is accessible from the Internet.

B.
Publish the certificate revocation list (CRL) to a server that is accessible from the Internet.

C.
Install a trusted root CA certificate on all Client Access servers.

D.
Install a trusted root CA certificate on all of the laptops.

Explanation:
It works inside the network. Therefore the CA is trusted. Without access to the CRL, you’ll get an
error saying A revocation check could not be performed for the certificate.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


joe

joe

Like the explanation says, it won’t be C or D as the internal CA will already be trusted.
No need for the CA to be externally accessible, just the CRL.