DRAG DROP
You support Windows 8 desktop computers for a company named Contoso, Ltd. The
computers are members of the Active Directory domain named contoso.com.
Contoso works with a supplier named Fabrikam, Inc. Each company has a public key
infrastructure (PKI), and no public certificate authorities (CAs) are used. The Fabrikam
network includes a website that is accessible from the Contoso network. The website
requires SSL and mutual authentication.
You need to configure the computers to allow contoso.com domain users to access the
website without any warning prompts. You also need to use the fewest certificates possible.
Which certificate or certificates should you use? (To answer, drag the appropriate certificate
to the correct certificate store. Each certificate may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view content.)
Which certificate or certificates should you use?
DRAG DROP
You support Windows 8 desktop computers for a company named Contoso, Ltd. The
computers are members of the Active Directory domain named contoso.com.
Contoso works with a supplier named Fabrikam, Inc. Each company has a public key
infrastructure (PKI), and no public certificate authorities (CAs) are used. The Fabrikam
network includes a website that is accessible from the Contoso network. The website
requires SSL and mutual authentication.
You need to configure the computers to allow contoso.com domain users to access the
website without any warning prompts. You also need to use the fewest certificates possible.
Which certificate or certificates should you use? (To answer, drag the appropriate certificate
to the correct certificate store. Each certificate may be used once, more than once, or not at
all. You may need to drag the split bar between panes or scroll to view content.)
“The website (contoso.com) requires SSL and mutual authentication.” means you need client(user) certificate issued by Contoso…not by Fabrikam (on the last question).
Are you sure?
In mutual authentication client have to be verified by server. Fabrikam can’t trust Contoso certificate because Contoso use private PKI not public CA. So Fabrikam have to create a certificate for user in contoso. So when a user from Contoso try to connect on on website on fabrikam, mutual authentication can happen because Contoso computer trust Frabrikam root certicate and Fabrikam website can trust Contoso user.