Microsoft-TS Upgrading Your MCSA on Windows Server 2003 to Windows Server 2008, Technology Specialist

Your company has an Active Directory domain. All servers run Windows Server 2008 R2. Your company uses an Enterprise Root certificate authority (CA). You need to ensure that revoked certificate information is highly available. What should you do?

Your company has an Active Directory domain. You have a two-tier PKI infrastructure that contains an offline Root CA and an online Issuing CA. The Enterprise Certification Authority is running Windows Server 2008 R2. You need to ensure users are able to enroll new certificates. What should you do?

You have an Enterprise Root certification authority (CA) that runs Windows Server 2008 R2. You need to ensure that you can recover the private key of a certificate issued to a Web server. What should you do?

You install a Standalone Root certification authority (CA) on a server named Server1. You need to ensure that every computer in the forest has a copy of the root CA certificate installed in the local computer's Trusted Root Certification Authorities store. Which command should you run on Server1?

Your network contains an Active Directory forest. The forest contains two domains. You have a standalone root certification authority (CA). On a server in the child domain, you run the Add Roles Wizard and discover that the option to select an Enterprise CA is disabled. You need to install an Enterprise Subordinate CA on the server. What should you use to log on to the new server?

You have an enterprise subordinate certification authority (CA). You have a group named Group1. You need to allow members of Group1 to publish new certificate revocation lists. Members of Group1 must not be allowed to revoke certificates. What should you do?

You have an enterprise subordinate certification authority (CA) configured for key archival. Three key recovery agent certificates are issued. The CA is configured to use two recovery agents. You need to ensure that all of the recovery agent certificates can be used to recover all new private keys. What should you do?

You have an enterprise subordinate certification authority (CA). The CA is configured to use a hardware security module. You need to back up Active Directory Certificate Services on the CA. Which command should you run?

You have an enterprise subordinate certification authority (CA). You have a custom Version 3 certificate template. Users can enroll for certificates based on the custom certificate template by using the Certificates console. The certificate template is unavailable for Web enrollment. You need to ensure that the certificate template is available on the Web enrollment pages. What should you do?

You have an enterprise subordinate certification authority (CA). You have a custom certificate template that has a key length of 1,024 bits. The template is enabled for autoenrollment. You increase the template key length to 2,048 bits. You need to ensure that all current certificate holders automatically enroll for a certificate that uses the new template. Which console should you use?