ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-742 All Questions

View all questions & answers for the 70-742 exam
Go to Exam

Exam 70-742 topic 1 question 203 discussion

Actual exam question from Microsoft's 70-742
Question #: 203
Topic #: 1
[All 70-742 Questions]

Your network contains an Active Directory domain named contoso.com. The domain contains an enterprise certification authority (CA) named CA1.
You duplicate the Computer certificate template, and you name the template Cont_Computers.
You need to ensure that all of the certificates issued based on Cont_Computers have a key size of 4,096 bits.
What should you do?

  • A. From the properties of CA1, modify the Security settings.
  • B. From the properties of CA1, modify the Request Handling settings.
  • C. From the properties of the Computer template, modify the Key Attestation settings.
  • D. From the properties of Cont_Computers, modify the Cryptography settings.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Hayemaker at Jan. 30, 2019, 9:20 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Hayemaker
Highly Voted 5 years, 10 months ago
The answer is D. modify the Cryptography settings. Although the actual setting is called “Minimum key size” so in theory you could opt to create 8192 bits. Oh, well… https://blogs.technet.microsoft.com/pki/2012/04/27/best-practice-for-configuring-certificate-template-cryptography/
upvoted 18 times
...
yesboet
Most Recent 4 years ago
correct answer D. From the properties of Cont_Computers, modify the Cryptography settings.
upvoted 2 times
...
coleman
5 years ago
answer D is correct
upvoted 3 times
...
TMW
5 years, 2 months ago
Answer is D.
upvoted 2 times
...
Paz
5 years, 3 months ago
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/tpm-key-attestation D, Notice cryptography is where you see the key size setting.
upvoted 4 times
...
ArchBishop
5 years, 4 months ago
TPM Attestation is not used in the Issuance Phase, but rather it is used in the Request Phase. To Clarify, TPM Attestation is used by the CA to ensure that the Client is using hardware that is Protected and Secured by a Trusted Platform Module Chip embedded in the hardware itself. This is all performed before the Certificate is issued to the Requesting Client. D is the Answer.
upvoted 4 times
...
[Removed]
5 years, 5 months ago
Agree with Hayemaker Answer is D
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago