What should you do first?

Your company named Contoso, Ltd. runs Windows Server 2008 R2. You manage a Web server named web.contoso.com.
The Web server hosts two Web sites named www.contoso.com and webmail.contoso.com.
Users connect to both the sites from the Internet by using HTTP. The new company security policy has the following requirements:
The webmail.contoso.com site must be available for Internet users only through Secure HTTP (HTTPS).
Two folders named Order and History on www.contoso.com must be available only through HTTPS.
All users must be able to connect to both sites without receiving any security warnings.
You need to add SSL certificates on web.contoso.com. You must meet the company security policy requirements.
What should you do first?

Your company named Contoso, Ltd. runs Windows Server 2008 R2. You manage a Web server named web.contoso.com.
The Web server hosts two Web sites named www.contoso.com and webmail.contoso.com.
Users connect to both the sites from the Internet by using HTTP. The new company security policy has the following requirements:
The webmail.contoso.com site must be available for Internet users only through Secure HTTP (HTTPS).
Two folders named Order and History on www.contoso.com must be available only through HTTPS.
All users must be able to connect to both sites without receiving any security warnings.
You need to add SSL certificates on web.contoso.com. You must meet the company security policy requirements.
What should you do first?

A.
Generate a self-signed certificate for web.contoso.com.

B.
Generate separate domain certificates for www.contoso.com and webmail.contoso.com.

C.
Request one certificate from the public trusted certification authority for web.contoso.com.

D.
Request separate certificates from the public trusted certification authority for www.contoso.com and webmail.contoso.com.

Explanation:
The steps for configuring Secure Sockets Layer (SSL) for a site are the same in IIS 7 and IIS 6.0.
There are three things that a browser usually verifies in a server certificate:
1. That the current date and time is within the “Valid from” and “Valid to” date range on the certificate.
2. That the certificate’s “Common Name” (CN) matches the host header in the request. For example, if the client is making a request to http://www.contoso.com/, then the CN must also be http://www.contoso.com/.
3. That the issuer of the certificate is a known and trusted CA.
Source: http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/
Creating Certificate Requests
Each Web site hosted on your Web server needs a separate certificate if you want SSL to work properly. The first step in the certificate creation process is to generate a certificate request.
Source: http://technet.microsoft.com/en-us/library/bb727098.aspx



Leave a Reply 0

Your email address will not be published. Required fields are marked *