Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/46

Click to flip

46 Cards in this Set

  • Front
  • Back
In Windows 2000 Server, the certification authority is one of two types:_ and _.
enterprise
stand-alone.
you must install an _ _ if you plan to issue certificates to users or computers inside a single Windows 2000 network
enterprise CA
An enterprise CA requires that all users and computers requesting certificates have an account in _ _.
Active Directory
You must install a _ CA if you plan to issue certificates to users or computers _ a single Windows 2000 network
stand-alone
outside
A stand-alone CA does not require _ _
Active Directory
Enterprise Root CA: _-_ CA in cerification heirarchy. Signs its own _ _and requires _ _.
Top-level
CA certificate
Active Directory.
An enterprise root CA is the top-level CA in a certificate hierarchy. An enterprise root CA uses _ _to determine the _ of the requester and to
determine whether the requester has the _ _ to
request a particular certificate type
Active Directory
identity
security permissions
You should set up an
enterprise root CA if you will issue certificates only to _ and _ within your organization.
users
computers
Typically, the enterprise
root CA issues certificates only to _ _
subordinate CAs
Enterprise CA requires the following:
1) _ Server service
2) _ _ on the DNS, Active Directory, and _ servers.
3) _ Directory
DNS
Administrative privileges
CA
Active
To publish certificates in Active Directory, the server on which the CA is installed must be a member of the _ _ _
Cert Publishers group
An Enterprise Subordinate CA is able to issue _ within an organization. However, it is not the _ _ CA
certificates
most trusted
An enterprise Subordinate must have a _ _
Parent CA
A stand-alone root CA the _-_ CA in a certificate _.
top-level
heirarchy
A stand-alone root ca can operate _ or _ AD.
with
without
A stand-alone root CA can be _ from the network.
disconnected
A stand-alone CA should be installed if you will issue certificates to entities _ _ _.
outside your organization
Typically a root CA issues certificates to _ CAs
subordinate
You must have _ _ on the local _ to install a stand-alone CA
local privileges
server
A standalone subordinate CA acts as a _ _ server within a CA trust hierarchy.
solitary certificate
A subordinate stand-alone CA should be installed if you will issue _ to entities _ _ _.
certificates
outside your organization
In order to insall a stand-alone subordinate CA you must have a _ CA and _ privileges on the _ _.
parent
administrative
local server
A computer cannot be _, or _ to or _ from a domain after Certificate Services is installed
renamed
joined
removed
To perform any of these actions, you first need to _ _ _from the computer.
remove Certificate Services
Advanced Options: CSP: Specifies a _-_ _service provider
third-party cryptographic
Advanced Options: CSP: The default is _ _ _ _v 1.0.
Microsoft Base Cryptographic Provider
Advanced Options: Hash Algorithm: The default is _.
SHA-1 (Secure Hash Algorithm 1).
Advanced Options: Key Length: The default key length is _ _ when using Microsoft Base Cryptographic Providers.
512 bit
Advanced Options: Key Length: For a root CA, you should use a key length of at least _ _. This setting is not available if you are using _ _.
2048 bits
existing keys.
Advanced Options: Existing Keys: Select this option when you are _ or _ a previously installed CA. Also, select Use the _ _ to ensure that the CA has a certificate that is identical to the _ CA.
relocating
restoring
associated certificate
previous
Identifying Information: CA Name: The name to identify the _ _that will be created in Active Directory.
CA object
Identifying Information: CA Name: Active Directory object names are limited to _ _ by the _standard
64 characters
Lightweight Directory Access Protocol (LDAP)
Identifying Information: Country/Region: The _-_country/region code, as required by the _ Naming Scheme standard.
two-character
X.500
Identifying Information:Valid for The field can be set only for a _ _. The validity duration you choose for the CA determines when the _ _. Typically, a time period of _ _ is recommended.
root CA
CA expires
two years
By default, the certificates that a CA issues are stored in _
systemroot\System32\CertLog
You can also store configuration data in a shared folder. By default, the shared folder is _.
systemroot\CAConfig
You can also specify a _ _where the CA stores information about the CA and its root CA certificate.
shared folder
Create the shared folder if you want to allow users to retrieve information about the _ and the _ _ certificate from a shared folder instead of using a _ _ to retrieve this information.
CA
root CA
Web browser
If you specify a shared folder, Certificate Services shares the folder and assigns to it the name _.
CertConfig
Installation Components: A _for managing CAs on servers on which Certificate Services is _.
console
installed.
You access Certification Authority through the _ _ menu
Administrative Tools
Installation Components: Certificates. A _ that you add to Microsoft Management Console (MMC) to manage _ _ for user accounts, computers, and services.
snap-in
existing certificates
Installation Components: Certificate Services Web enrollment support. _ _ provided for users and administrators to request certificates. These Web pages are located at _, where server is the name of the server running Windows 2000 that hosts the CA.
Web pages
http://server/certsrv
When backing up a server, the CA is backed up as part of the _ _
system state
It is also possible to back up and restore a CA by using _ _, but this method is intended for use only when you do not want to back up the _ _ on which the CA is installed.
Certification Authority
entire server
Upon restoring a CA, the _ _ must also be restored if it has been damaged or lost. If a damaged or missing IIS metabase is not restored, IIS will _ _ _, and that will result in the _ of _ _to start.
IIS metabase
fail to start
failure
Certificate Services