Does this meet the goal?

Your network contains an Active Directory domain named contoso.com. The network has an Active
Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
Ensure that the users can encrypt files by using Encrypting File System (EFS).
Ensure that all of the users reenroll for their certificate every six months.
Solution: You create a copy of the Basic EFS certificate template, and then you modify the validity
period of the copy.
Does this meet the goal?

Your network contains an Active Directory domain named contoso.com. The network has an Active
Directory Certificate Services (AD CS) infrastructure.
You need to issue a certificate to users to meet the following requirements:
Ensure that the users can encrypt files by using Encrypting File System (EFS).
Ensure that all of the users reenroll for their certificate every six months.
Solution: You create a copy of the Basic EFS certificate template, and then you modify the validity
period of the copy.
Does this meet the goal?

A.
Yes

B.
No

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

OSA

OSA

How is the requirement “Ensure that all of the users reenroll” met?

Reply

puck

puck

Set the validity period… to 6 months..

Reply

mi74

mi74

Do not confuse “reenroll” whit “Autoenroll”. The first one is when you have a certificate and you want to enroll it again, from various reasons. This can be done using MMC snap in for example.
Autonrollment does not demand from you to have any certificate, but you can have one anyway. In this method you are completely unaware of process. Process described for example there: https://blogs.technet.microsoft.com/meamcs/2010/12/01/auto-enrollment-avoid-the-challenges-of-making-end-users-manage-their-certificates/

Reply