You are an enterprise administrator for Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. All servers on the Domain.com network run Windows Server 2008 and all client computers run Windows Vista.
The Domain.com network contains two Windows Server 2008 workstations named CERTKILLER-SR01 and CERTKILLER-SR02. You are in the process of configuring CERTKILLER-SR01 as an Enterprise Root certification authority. You decide to have the Online Responder role service installed on CERTKILLER-SR02. During the course of the day you receive an instruction from the CIO to ensure that CERTKILLER-SR02 is able to issue a certificate revocation list for the enterprise root CA.
What should you do? (Choose all that apply.)
A.
This can be accomplished by having the OCSP Response Signing certificate imported.
B.
This can be accomplished by having the Startup Type of the Certificate Propagation service set to Automatic.
C.
This can be accomplished by having the computer account of CERTKILLER-SR01 added to the CKCertificates group.
D.
This can be accomplished by having the enterprise root CA certificate imported.