ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-101 All Questions

View all questions & answers for the MD-101 exam
Go to Exam

Exam MD-101 topic 2 question 74 discussion

Actual exam question from Microsoft's MD-101
Question #: 74
Topic #: 2
[All MD-101 Questions]

You are configuring an SSTP VPN.
When you attempt to connect to the VPN, you receive the message shown in the exhibit. (Click the Exhibit tab.)

What should you do to ensure that you can connect to the VPN?

  • A. Change the VPN type
  • B. Generate a computer certificate from the root certification authority (CA)
  • C. Install the root certificate
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by badguytoo at Aug. 19, 2021, 6:13 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
badguytoo
Highly Voted 3 years, 10 months ago
I think should install the root certificate....
upvoted 15 times
AVP_Riga
3 years, 9 months ago
It will work, but I assume it isn't a best practice...
upvoted 2 times
...
...
PiPe
Highly Voted 3 years, 4 months ago
Selected Answer: C
https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy-troubleshooting#error-code-0x800b0109 C is the right answer
upvoted 5 times
RodrigoT
3 years, 2 months ago
Thank you for the link.
upvoted 1 times
...
...
PHSmiffy
Most Recent 3 years, 3 months ago
C is the correct answer. Generating certs from your root CA is bad practice
upvoted 1 times
...
cor_
3 years, 3 months ago
See answer from PiPe.
upvoted 1 times
...
Marle
3 years, 5 months ago
I would go with C. According to the MS docs this error message can be fixed by ensuring that the root certificate is installed on the client computer: https://docs.microsoft.com/en-us/windows-server/remote/remote-access/vpn/always-on-vpn/deploy/always-on-vpn-deploy-troubleshooting
upvoted 4 times
...
Goofer
3 years, 7 months ago
The certificate chain includes the root certificate. If the computer is not a member of an domain the root certificate is not automatically deployed to the workstation. Deploy the internal root certificate with intune(or something else)
upvoted 2 times
...
Prianishnikov
3 years, 9 months ago
https://social.msdn.microsoft.com/Forums/ie/en-US/5ed119ef-1704-4be4-8a4f-ef11de7c8f34/a-certificate-chain-processed-but-terminated-in-a-root-certificate-which-is-not-trusted-by-the?forum=WAVirtualMachinesVirtualNetwork
upvoted 1 times
...
FlailingLimbs
3 years, 10 months ago
This issue may occur if the appropriate trusted root certification authority (CA) certificate is not installed in the Trusted Root Certification Authorities store on the client computer. Note Generally, if the client computer is joined to the domain and if you use domain credentials to log on to the VPN server, the certificate is automatically installed in the Trusted Root Certification Authorities store. However, if the computer is not joined to the domain or if you use an alternative certificate chain, you may experience this issue. More reading here - https://social.msdn.microsoft.com/Forums/sqlserver/en-US/5ed119ef-1704-4be4-8a4f-ef11de7c8f34/a-certificate-chain-processed-but-terminated-in-a-root-certificate-which-is-not-trusted-by-the?forum=WAVirtualMachinesVirtualNetwork
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel