You work as an administrator at ABC.com. The ABC.com network has an Active Directory domain named ABC.com.
The ABC.com network contains three servers named ABC-SR01, ABC-SR02, and ABC-SR03. ABC-SR01 is configured as a domain controller, and has Windows Server 2008 installed. ABC- SR02 is configured as an Enterprise root certification authority (CA), and has Windows Server 2008 R2. ABC-SR03 is configured with the Network Device Enrollment Service (NDES), and has Windows Server 2008 R2 installed.
ABC.com has released a written policy that requires the use of the MD5 hash algorithm for all device certificate requests.
You have been tasked with enforcing the policy.
Which of the following actions should you take?
A.
You should consider executing the Ntdsutil.exe tool from the command-line on ABC-SR02.
B.
You should have the value of the
HKLM\Software\Microsoft\Cryptography\MSCEP\EncryptionTemplate registry key defined on ABC-SR03.
C.
You should have the value of the
HKLM\Software\Microsoft\Cryptography\MSCEP\UseSinglePassword\UseSinglePassword registry key defined on ABC-SR03.
D.
You should have the value of the HKLM\Software\Microsoft\Cryptography\MSCEP\ HashAlgorithm\HashAlgorithm registry key defined on ABC-SR03.