You are employed as the network administrator at Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. All servers on the Domain.com network run Windows Server 2008 and all client computers run Windows XP Professional.
You are responsible for managing two servers named CERTKILLER-SR01 and CERTKILLER- SR02. CERTKILLER-SR01 has the enterprise root certification authority (CA) installed and CERTKILLER-SR02 the Online Responder role service. You receive an instruction from the CIO to ensure that the Online Responder is supported by CERTKILLER-SR01.
What should you do?
A.
This can be accomplished by configuring Dual Certificate List extension on CERTKILLER-SR01 and CERTKILLER-SR02.
B.
This can be accomplished by configuring the CertPublishers group on CERTKILLER-SR01 and CERTKILLER-SR02.
C.
This can be accomplished by creating a conventional Group Policy Object (GPO) and importing the enterprise root CA certificate.
D.
This can be accomplished by configuring the Authority Information Access (AIA) extension on CERTKILLER-SR01.
Explanation:
Thereafter the GPO should be linked to CERTKILLER-SR01.
In order to configure the online responder role service on CERTKILLER-SR01 you need to configure the AIA extension. The authority information access extension will indicate how to access CA information and services for the issuer of the certificate in which the extension appears. Information and services may include on-line validation services and CA policy data. This extension may be included in subject or CA certificates, and it MUST be non-critical
I choose D