You need to ensure that the health certificates are only valid for four hours

Your network contains an Active Directory domain. The domain contains an enterprise certification authority (CA) named Server1 and a server named Server2. On Server2, you deploy Network Policy Server (NPS) and you configure a Network Access Protection (NAP) enforcement policy for IPSec. From the Health Registration Authority snap-in on Server2, you set the lifetime of health certificates to four hours. You discover that the validity period of the health certificates issued to client computers is one year.

You need to ensure that the health certificates are only valid for four hours. What should you do?

Your network contains an Active Directory domain. The domain contains an enterprise certification authority (CA) named Server1 and a server named Server2. On Server2, you deploy Network Policy Server (NPS) and you configure a Network Access Protection (NAP) enforcement policy for IPSec. From the Health Registration Authority snap-in on Server2, you set the lifetime of health certificates to four hours. You discover that the validity period of the health certificates issued to client computers is one year.

You need to ensure that the health certificates are only valid for four hours. What should you do?

A.
Modify the Request Handling settings of the certificate template used for the health certificates.

B.
Modify the Issuance Requirements settings of the certificate template used for the health certificates.

C.
On Server1, run certutil.exe -setreg policy\editflags +editf_attributeenddate.

D.
On Server1, run certutil.exe Csetregdbflags +dbflags_enablevolatilerequests.



Leave a Reply 0

Your email address will not be published. Required fields are marked *