You need to ensure that you can manage the certificates…

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for
contoso.com.
Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your
account is a member of the local Administrators group on Server1.
You enable CA role separation on Server1.You need to ensure that you can manage the certificates on the CA.
What should you do?

Your network contains an Active Directory domain named contoso.com. The domain contains a server named
Server1 that runs Windows Server 2012 R2. Server1 is an enterprise root certification authority (CA) for
contoso.com.
Your user account is assigned the certificate manager role and the auditor role on the contoso.com CA. Your
account is a member of the local Administrators group on Server1.
You enable CA role separation on Server1.You need to ensure that you can manage the certificates on the CA.
What should you do?

A.
Remove your user account from the local Administrators group.

B.
Assign the CA administrator role to your user account.

C.
Assign your user account the Bypass traverse checking user right.

D.
Remove your user account from the Manage auditing and security log user right.



Leave a Reply 2

Your email address will not be published. Required fields are marked *