Which two cmdlets should you run?

Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs a Server Core installation of Windows Server 2012 R2.
You need to deploy a certification authority (CA) to Server1. The CA must support the autoenrollment of certificates.
Which two cmdlets should you run? (Each correct answer presents part of the solution. Choose
two.)

A.
Add-CAAuthoritylnformationAccess

B.
Install-AdcsCertificationAuthority

C.
Add-WindowsFeature

D.
Install-AdcsOnlineResponder

E.
Install-AdcsWebEnrollment

Explanation:
B)
The Install-AdcsCertificationAuthority cmdlet performs installation and configuration of the AD CS
CA role service. It can be used to install a root CA.
Example:
Install-AdcsCertificationAuthority –CAType StandaloneRootCA –CACommonName “ContosoRootCA”
–KeyLength 2048 –HashAlgorithm SHA1 –CryptoProviderName “RSA#Microsoft Software Key
Storage Provider”
E: The Install-AdcsWebEnrollment cmdlet performs initial installation and configuration of the
Certification Authority Web Enrollment role service.
Note: Prior to the availability of Certificate Enrollment Web Services, AD CS required that client
computers configured for certificate auto-enrollment be connected directly to the corporate
network. Certificate Enrollment Web Services allows organizations to enable AD CS using a
perimeter network. This allows users and computers outside the corporate network to enroll for
certificates.

Certificate Enrollment web service Deploying AD CS Using Windows PowerShell