Exam 70-742 topic 1 question 213 discussion

the answer should be A&E A. From the Certification Authority console, modify the Auditing settings for the CA. E. From Local Group Policy Editor, configure auditing for object access.

One more vote for A and E. https://www.itprotoday.com/security/q-addition-certification-authority-ca-level-auditing-settings-are-there-any-other

A. From the Certification Authority console, modify the Auditing settings for the CA. E. From Local Group Policy Editor, configure auditing for object access.

In Policy, the answer correct is "Object Access", then Answer E "Policy Change" is wrong, this policy will only audit policy changes. In CA, the answer correct is "auditing settings", then answer A "Security Settings" is wrong, this tab is responsible for applying permissions of which user or group can issue, manage or request a certificate Final answer A and E

Correct answer is A and E

According to Pluralsight (Course is Implemented Active Directory Certificate Services in Windows Server 2016), the correct answers are: A E You enable on the Local Security Policy for OBJECT ACCESS Auditing After that, you change the AUDITING SETTINGS from the CA Properties

The right is CD ,

To meet goal both CA side settings and Group policy side settings is needed. In CA side A is correct which agree with MrRiver and Charchar. In Group policy side E is correct which agree with Charchar only. Because in Group policy side what modify is not configure auditing for policy change but configure auditing for object access.

i gues the answer is not correct if you follow the link i provide, you see thers a "audith" tab on the CA Properties So A should be include and i think C to So i would go with A and C https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn786432(v%3Dws.11)