| Author |
Thu 70-216 Question of the Day
|
|
| wbafrank 2002-02-06, 12:28 pm |
|  Today's poser is as follows:
Q13. You are implementing a Certificate Authority (CA) for your network. You decide to use a CA hierarchy model. You plan to implement a root CA on one Windows 2000 Server computer, and the intermediate and issuing CAs on separate Windows 2000 Server computers.
You want to ensure the tightest security for all CAs, but especially for the root CA computer. What is one way to improve security on this computer?
A. Install the root CA in a secure data centre.
B. Move the recovery keys to a separate computer.
C. Nightly remove the RSA folder to removable media.
D. Ensure the computer does not have a network adapter.
Good Luck .... see you tomorrow for the answer!! | |
| unreal 2002-02-06, 6:34 pm |
| My bet is B- Move the recovery keys to separate computer. | |
|
| I wait for the answer because you explain every items!!!! | |
|
|
|
| How other computers comunicate with the CA autority Server if the CA server don`t have a network adapter???? or i`m missing something.... | |
| wbafrank 2002-02-07, 12:29 pm |
| quote:
Originally posted by cm2gj
How other computers comunicate with the CA autority Server if the CA server don`t have a network adapter???? or i`m missing something....
Have a read of this:
http://www.microsoft.com/windows200...ist_Offline.htm |
|
|
|