Match description to terminology.

Answer Question
Group Policy can be used to establish __________ settings for an Active Directory domain. __________ is an extremely flexible command-line utility for administering Active Directory Certificate Services. NAP can perform __________ if it detects that the client is out of compliance.

Selected Match E.
Autoenrollment

B.
Certutil

I.
autoremediation

The top-level CA in any PKI hierarchy is the _____ CA.

A(n) _________ CA integrates with an Active Directory domain, and it can use certificate templates to allow auto enrollment of digital certificates, as well as store the certificates themselves within the Active Directory database. Simple Certificate Enrollment __________ allows network devices to enroll for PKI certificates.

D.
Root

J.
Enterprise

A.
Protocol

The __________ service combines each Statement of Health Response into a System Statement of Health Response (SSOHR).

G.
NPS

C. Windows Server 2008, Windows Vista, and Windows XP with Service Pack 3 all have a built-in NAP client, and third-party vendors API can use the NAP __________ to write additional clients for additional operating systems, such as Macintosh and Linux computers.
Enforcement __________ receive information from the Enforcement Clients H. on each client, which is then consumed by other components of the NAP Servers server-side architecture. To deploy the DHCP enforcement mechanism within Network Access Protection, you must first deploy a(n) __________ server running Windows Server 2008

F.
DHCP

Question 2
6 out of 8 points Match the description to terminology. Answer Question
The new Active Directory Certificate Services (AD CS) role in Windows Server 2008 is a component within Microsofts larger what?

Selected Match G. Identity Lifecycle Management strategy B. public key cryptography

PKI consists of a number of elements that allow two parties to communicate securely without any previous communication through the use of a mathematical algorithm called what?

C. Users can use a smart card to authenticate to an Active Directory domain, access a Web site, or authenticate to other secured resources through the use of what type of physical smart card reader device that attaches to a workstation?
What is the network protocol that allows network devices to enroll for PKI certificates?

A. Simple Certificate Enrollment Protocol

Certification Authority Web Enrollment allows users to manually request certificates using a Web interface, which is located where by default on a CA that is running the Certification Authority Web Enrollment role service? An escrow copy of a private key can be restored by one or more of what item?

E. https://<CA Name>/certsrv H. key recovery agents

What solution controls access to corporate network resources based on the identity of the computer attempting to connect to the resource, as well as the connecting computers compliance with corporate policies and standards like patching levels and Windows Firewall configurations? What is the name of the specially configured PKI certificates used by the Internet Protocol Security (IPSec) enforcement method that

D. NAP

F. Health Certificates

are issued to clients that meet defined compliance standards?

Monday, April 22, 2013 12:34:38 PM CDT