You need to ensure that members of Group1 can revoke certificates

You have an enterprise subordinate certification authority (CA).
You have a group named Group1.
You need to ensure that members of Group1 can revoke certificates.
What should you do?

You have an enterprise subordinate certification authority (CA).
You have a group named Group1.
You need to ensure that members of Group1 can revoke certificates.
What should you do?

A.
Add Group1 to the Certificate Publishers group.

B.
Assign the Issue and Manage Certificates permission to Group1.

C.
Assign the Manage CA permission to Group1.

D.
Add Group1 to the local Administrators group.



Leave a Reply 5

Your email address will not be published. Required fields are marked *


Gav

Gav

Can someone tell me if this answer is correct?

I personally would have chosen B as the answer.

Nick

Nick

By this link the answer is correct.

Membership in local Administrators, or equivalent, is the minimum required to complete this procedure. If this will be an enterprise CA, membership in Domain Admins, or equivalent, is the minimum required to complete this procedure.

https://technet.microsoft.com/en-us/library/cc772192.aspx

Gav

Gav

Awesome! Thank you! 😀

ali

ali

Membership in local Administrators is necessary for “installing the subordinate CA as an enterprise CA” not “revoke certificates”

for me, the coorect answer is B : Issue and Manage Certificates Perission allows a user or group to approve, deny, or revoke certificates.