Which of the following CA types would you deploy if you wanted to deploy a CA at the top of a hierarchy that could issue signing certificates to other CAs and which would be taken offline if not issuing, renewing, or revoking signing certificates?
Stand-alone Root CA: A stand-alone root CA is also the topmost CA in the certificate chain. A stand-alone root CA is not however dependent on Active Directory, and can be removed from the network. This makes a stand-alone root CAs the solution for implementing a secure offline root CA.
So C-Standalone Root CA is definitely the right answer.
This doesn't seem like Microsoft's typical writing style. I completely understand the question and what they're asking me, but it's sloppy writing style and doesn't seem like their typical one.
The answer is C:
"There is no technical reason for a root CA to ever be connected to any network. Ever.
That said, your Root CA should not be a member of a Forest.
Your root CA type should be Standalone, not Enterprise. "
https://social.technet.microsoft.com/Forums/windowsserver/en-US/342b2de5-0496-4b0c-aeb7-83069a545712/root-ca-offline?forum=winserversecurity
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.70-742 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
paprda
Highly Voted 5 years, 10 months agoYebubbleman
Most Recent 4 years, 5 months agoKebabtray
4 years, 11 months agocoleman
5 years, 6 months agoTMW
5 years, 9 months ago