Your network contains an Active Directory domain named contoso.com.
You deploy Active Directory Certificate Services (AD CS).
Your company, which is named Contoso, Ltd., has a partner company named Fabrikam, Inc. Fabrikam also
deploys AD CS.
Contoso and Fabrikam plan to exchange signed and encrypted email messages.
You need to ensure that the client computers in both Contoso and Fabrikam trust each other’s email
certificates. The solution must prevent other certificates from being trusted and minimize administrative
effort.
What should you do?
More than one answer choice may achieve the goal. Select the BEST answer.
A.
Implement an online responder in each company.
B.
Exchange the root certification authority (CA) certificates of both companies, and then deploy the
certificates to the Enterprise Trust store by using Group Policy objects (GPOs).
C.
Implement cross-certification in each company.
D.
Exchange the root certification authority (CA) certificates of both companies, and then deploy the
certificates to the Trusted Root Certification Authorities store by using Group Policy objects (GPOs).