ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-742 All Questions

View all questions & answers for the 70-742 exam
Go to Exam

Exam 70-742 topic 1 question 209 discussion

Actual exam question from Microsoft's 70-742
Question #: 209
Topic #: 1
[All 70-742 Questions]

You have an enterprise certification authority (CA) named ContosoCA. Recovery agents are configured for ContosoCA.
You duplicate the User certificate template and name it Cont_User. You plan to issue the certificates based on Cont_User to provide users with the ability to encrypt email messages and files.
You need to ensure that the recovery agents can access any user-encrypted files and email messages if the users lose their certificate.
What should you do?

  • A. Modify the Recovery Agents settings for ContosoCA.
  • B. Issue a certificate based on a key recovery agent certificate.
  • C. Modify the Request Handling settings for Cont_User.
  • D. On ContosoCA, configure the Key Recovery Agent template as a certificate template to issue.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by panda at Oct. 30, 2019, 2:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
krj
Highly Voted 5 years, 5 months ago
"Recovery agents are configured for ContosoCA". What's left to do is enable "archive subject's encryption private key" in Request handling tab. makes sense I guess.
upvoted 5 times
lbs
5 years, 3 months ago
I agree. This makes sense.
upvoted 1 times
...
...
Kamikazekiller
Most Recent 5 years ago
C. Modify the Request Handling settings for Cont_User.
upvoted 1 times
...
Nhan
5 years, 5 months ago
the correct answer is B
upvoted 1 times
Robin39
5 years, 3 months ago
Why B , have reference?
upvoted 2 times
...
Rijvi
4 years, 7 months ago
you are wrong
upvoted 1 times
...
...
Nhan
5 years, 5 months ago
hey coleman, why C is the right answer?
upvoted 2 times
GenjamBhai
4 years, 11 months ago
Once KRA is set up, Allow archival of pvt key: Cert Templates Console > Select any Cert Template > Properties > Request Handling > Archive subject’s encryption pvt key
upvoted 6 times
...
...
coleman
5 years, 7 months ago
answer C. Modify the Request Handling settings for Cont_User is correct.
upvoted 3 times
...
panda
5 years, 9 months ago
I agree with the example answer is C B. What Issue a certificate based on is a certificate template which you need to enable key archival for. D. Though you configure the Key Recovery Agent template as a certificate template to issue, in case of modifying the Request Handilig settings you can't access any user-encrypted files and email messages A. modifying the Recover Agents settings allows to key recovery.
upvoted 2 times
GenjamBhai
4 years, 11 months ago
Once KRA is set up, Allow archival of pvt key: Cert Templates Console > Select any Cert Template > Properties > Request Handling > Archive subject’s encryption pvt key
upvoted 5 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel