You have an enterprise subordinate certification authority (CA).
You have a group named Group1.
You need to ensure that members of Group1 can revoke certificates.
What should you do?
A.
Add Group1 to the Certificate Publishers group.
B.
Assign the Issue and Manage Certificates permission to Group1.
C.
Assign the Manage CA permission to Group1.
D.
Add Group1 to the local Administrators group.
Can someone tell me if this answer is correct?
I personally would have chosen B as the answer.
By this link the answer is correct.
Membership in local Administrators, or equivalent, is the minimum required to complete this procedure. If this will be an enterprise CA, membership in Domain Admins, or equivalent, is the minimum required to complete this procedure.
https://technet.microsoft.com/en-us/library/cc772192.aspx
Awesome! Thank you! 😀
Membership in local Administrators is necessary for “installing the subordinate CA as an enterprise CA” not “revoke certificates”
for me, the coorect answer is B : Issue and Manage Certificates Perission allows a user or group to approve, deny, or revoke certificates.
Hi! Agree with Ali -> https://technet.microsoft.com/en-us/library/cc732590(v=ws.11).aspx –> right answer is B – Assign the Issue and Manage Certificates permission to Group1.