You work as an IT professional in an international company which is named Contoso. Your major job
is to translate business goals into technology decisions and plan mid-range to long-term strategies.
And you are experienced in network infrastructure, security policy and business continuity. In your
company, you are responsible for infrastructure design and global configuration changes. There is
one Active Directory domain in your network. Servers that run Windows Server 2008 R2 are
contained in this domain. The following table bellow shows the configuration of the relevant servers:
The exhibit shows the relevant portion of the network. (Click the Exhibit button.)
Server3 hosts a secure web site. You want remote users to access the secure Web site by using a
Secure Socket Layer (SSL) connection through the Internet. A server certificate issued by Server2 is
installed on Server3. Since you are the technical support, you are asked to recommend a solution
that will enable the distribution of certificates to the remote users. Your solution must meet the
following requirements:
The certification authority must be automatically trusted.
Remote users connecting to Server3 must use clie nt certificates issued by Server4.
A minimum amount of TCP/IP ports must be opened on the firewall that connects the perimeter
network and the internal network.
Which certification authority should you recommend installing on Server4?
A.
Standalone root
B.
Enterprise root
C.
Standalone subordinate
D.
Enterprise subordinate