Exam 70-414 topic 1 question 34 discussion

Actual exam question from Microsoft's 70-414

Question #: 34
Topic #: 1

You plan to implement a two-tier certification authority (CA) hierarchy with an offline root CA. You install the root CA, and then copy the certificate to the server that will become the new issuing CA. You have a file named rootca1_ContosoRootCA.crt that contains the root CA certificate. Client devices in the Active Directory
Domain Services (AD DS) domain do not currently trust the root CA.
All clients in the AD DS domain must trust the root CA.
You need to install the issuing CA.
What should you do?

A. Run the following command from an administrative command prompt:certutil –pulse rootca1_ContosoRootCA.crt TrustedRoot
B. Run the following command from an administrative command prompt:certutil –dspublish -f rootca1_ContosoRootCA.crt RootCA
C. On the domain controller, use Windows Explorer to open the rootca1_ContosoRootCA.crt file and add the root CA to the Trusted Root Certification Authorities store.
D. On the domain controller, use Windows Explorer to open the rootca1_ContosoRootCA.crt file and add the root CA to the Intermediate Certification Authorities

Show Suggested Answer

Suggested Answer: B 🗳️
https://www.experts-exchange.com/articles/701/Certification-Authority-CA-setup-tips-and-tricks.html

by [deleted] at April 4, 2025, 10:02 a.m.

Comments

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!