Re: Which one is correct?

From: Brat (likeIwouldtellyou_at_inyourdreams.com)
Date: 05/13/04

  • Next message: Er. Santosh Kumar Singh: "MCSA"
    Date: Thu, 13 May 2004 00:27:50 -0230
    
    

    you want answers on braindumps? HA! I don't _think_ so... good luck
    cheating

    -- 
    Sue MCNGP #69
    Proud member since April 8, 2002
    "mcsems" <mcsems.165yht@mail.mcse.ms> wrote in message
    news:mcsems.165yht@mail.mcse.ms...
    >
    > You are responsible for Public Key Infrastructure (PKI) management for
    > your network at TestKing Inc. The network consists of a Windows 2000
    > Active Directory domain. The network contains a Microsoft Internet
    > Security and Acceleration (ISA) Server computer that accepts virtual
    > private network (VPN) connections. The network also contains a Windows
    > 2000 Server named TestKing1, which runs Internet Information Services
    > (IIS). TestKing1 is accessible from the Internet.
    >
    > The written security policy for TestKing requires L2TP/IPSec
    > connections. To distribute the required certificates for L2TP
    > connections, you deploy the
    > Certification Authority (CA) hierarchy shown in the exhibit.
    >
    > http://www.myimgs.com/data/fmh002/exhibit.gif
    >
    > RootCA and PolicyCA use stand-alone CA policies and are removed from
    > the network. IssuingCA issues the IPSec certificates. IPSec
    > certificates are successfully issued to all remote client computers and
    > the ISA Server.
    >
    > The Certificate Revocation Lists (CRL) for RootCA, PolicyCA, and
    > IssuingCA are published to Active Directory. The CRL Distribution Point
    > (CDP) extensions are modified to reference the Active Directory
    > location of all three CAs.
    >
    > When remote client computers attempts to connect to the ISA Server,
    > their connection attempts fail. At all remote client computers, this
    > error message appears: "The client was unable to verify the identity of
    > the server."
    >
    > You must ensure that the remote client computers can connect to the ISA
    > Server with an L2TP/IPSec VPN connection.
    >
    > What should you do?
    >
    > A. Modify the CDP extension on IssuingCA to include an HTTP URL that
    > references TestKing1.
    > Manually publish the CRL to the referenced CDP URLs at TestKing1.
    > Renew the IssuingCA certificate.
    >
    > B. Modify the CDP extension on RootCA, PolicyCA, and IssuingCA to
    > include an HTTP URL that references TestKing1.
    > Manually publish the CRLs to the references CDP URLs at TestKing1.
    > Renew the RootCA, PolicyCA, and IssuingCA certificates.
    >
    > C. Modify the CDP extension on IssuingCA to include an HTTP URL that
    > references TestKing1.
    > Manually publish the CRL to the referenced CDP URLs at TestKing1.
    > Revoke all currently issued certificates.
    > Reissue the IPSec certificates to the ISA Server and the remote client
    > computers.
    >
    > D. Modify the CDP extensions on RootCA, PolicyCA, and IssuingCA to
    > include an HTTP URL that references TestKing1.
    > Manually publish the CRLs to the referenced CDP URLs at TestKing1.
    > Revoke all currently issued certificates.
    > Reissue the IPSec certificates to the ISA Server and the remote client
    > computers.
    >
    >
    >
    > --
    > mcsems
    > ------------------------------------------------------------------------
    > Posted via http://www.mcse.ms
    > ------------------------------------------------------------------------
    > View this thread: http://www.mcse.ms/message665101.html
    >
    

  • Next message: Er. Santosh Kumar Singh: "MCSA"