Your company has recently signed up for Azure.
You plan to register a Data Protection Manager (DPM) server with the Azure Backup service.
You need to recommend a method for registering the DPM server with the Azure Backup vault.
What are two possible ways to achieve this goal? Each correct answer presents a complete solution.
A.
Import a self-signed certificate created using the makecert tool.
B.
Import a self-signed certificate created using the createcert tool.
C.
Import an X.509 v3 certificate with valid clientauthentication EKU.
D.
Import an X.509 v3 certificate with valid serverauthentication EKU.
Explanation:
A: You can create a self-signed certificate using the makecert tool, or use any valid SSL certificate issued by
a Certification Authority (CA) trusted by Microsoft, whose root certificates are distributed via the
Microsoft Root Certificate Program.
C: The certificate must have a valid ClientAuthentication EKU.
Prerequisites for Azure Backup
URL: http://technet.microsoft.com/en-us/library/dn296608.aspx
This is no longer relevant as the backup process uses vault credentials:
https://github.com/Microsoft/azure-docs/blob/master/articles/backup/backup-azure-dpm-introduction-classic.md
“Prepare Azure Backup to back up DPM data as follows:
– Create a Backup vault
– Download vault credentials
– Install the Azure Backup Agent and register the server”
https://github.com/Microsoft/azure-docs/blob/master/includes/backup-download-credentials.md
“The vault credentials file is a certificate generated by the portal for each backup vault. The portal then uploads the public key to the Access Control Service (ACS). The private key of the certificate is made available to the user as part of the workflow which is given as an input in the machine registration workflow. This authenticates the machine to send backup data to an identified vault in the Azure Backup service.”