ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 347 discussion

Actual exam question from Microsoft's MD-102
Question #: 347
Topic #: 1
[All MD-102 Questions]

DRAG DROP
-

You have a Microsoft 365 E5 subscription and use Microsoft Intune.

You need to use Microsoft Cloud PKI to deploy personal user certificates to all Windows devices.

Which four actions should you perform in sequence? To answer move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Show Suggested Answer Hide Answer
Suggested Answer:
by dddba0a at Feb. 11, 2025, 4:20 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Knight_Of_Peace
4 months ago
Given answer is correct. Configure root and issuing CA for Microsoft Cloud PKI 1- Create root CA 2- Create issuing CA 3- Create certificate profiles 3.1 Create a trusted certificate profile for the Cloud PKI root CA. 3.2 Create a trusted certificate profile for a Cloud PKI issuing CA. 3.3 Create an SCEP certificate profile for a Cloud PKI issuing CA. Ref: https://learn.microsoft.com/en-us/mem/intune/protect/microsoft-cloud-pki-configure-ca
upvoted 1 times
...
XylosSW
4 months ago
https://learn.microsoft.com/en-us/mem/intune/protect/microsoft-cloud-pki-configure-ca Given answers are correct. Step 1: Create root CA in admin center Before you can start to issue certificates to managed devices, you need to create a root CA in your tenant to act as the trust anchor. Step 2: Create issuing CA in admin center An issuing CA is required to issue certificates for Intune-managed devices. Step 3: Create certificate profiles Step 3: To issue certificates, you must create a trusted certificate profile for your root and issuing CAs. The trusted certificate profile establishes trust with the Cloud PKI certificate registration authority supporting the SCEP protocol. Step 4: Just like you did for the trusted certificate profiles, create an SCEP certificate profile for each OS platform you're targeting. The SCEP certificate profile is used to request a leaf client authentication certificate from the issuing CA.
upvoted 1 times
...
dddba0a
4 months, 2 weeks ago
Create a root certification authority (CA): The root CA is the top-level certification authority that issues certificates to intermediate CAs and end-entities. Creating a root CA establishes the foundation of your PKI. Create an issuing certification authority (CA): An issuing CA is responsible for issuing certificates to end-entities (users, computers, etc.). This CA is subordinate to the root CA and ensures the separation of roles and security in your PKI. Create device configuration trusted certificate profiles: Trusted certificate profiles are used to distribute the root CA's certificate to devices, ensuring they trust certificates issued by your PKI. This step is essential for establishing a trust chain. Create device configuration PKCS certificate profiles: PKCS (Public Key Cryptography Standards) certificate profiles are used to deploy user certificates to devices. This profile will configure the devices to request and install personal user certificates.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel