Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
19 Cards in this Set
- Front
- Back
221. What enables network administrators and owners to configure access rights for users during the users’ entire lifecycle within an organization? |
Identity Lifecycle Management
|
|
222. What role in ILM is to provide services for managing public key certificates that can be used by any security system that relies on a PKI for authentication or authorization?
|
Active Directory Certificate Services
|
|
223. What consists of a number of elements that allow two parties to communicate securely, without any previous communication, through the use of a mathematical algorithm called public key cryptography?
|
public key infrastructure
|
|
224. What is a secret piece of information that is shared between two parties prior to being able to communicate securely?
|
shared secret key
|
|
225. What is an entity that issues and manages digital certificates for use in a PKI, such as a Windows Server 2008 server running the AD CS server role?
|
Certificate Authority
|
|
226. What electronic piece of information proves the identity of the entity that has signed a particular document?
|
digital signature
|
|
227. What are small physical devices on which a digital certificate is installed that are usually the size of a credit card or keychain fob?
|
smart cards
|
|
228. What is used to request certificates on behalf of a user, computer, or service if self-enrollment is not practical or is otherwise an undesirable solution for reasons of security or auditing?
|
enrollment agents
|
|
229. What service allows devices, such as hardware-based routers and other network devices and appliances, to enroll for certificates within a Windows Server 2008 PKI that might not otherwise be able to do so?
|
Network Device Enrollment Service
|
|
230. What ACL specifically allows users or computers to be automatically issued certificates based on a template?
|
Autoenroll
|
|
231. What enables a user to manually create a certificate request file using the Certificates MMC snap-in?
|
Certificate Request Wizard
|
|
232. Users with what predefined security role are tasked with issuing and managing certificates, including approving certificate enrollment and revocation requests?
|
Certificate Manager
|
|
233. Which of the following are not able to be performed by those with the Auditor predefined security role?
|
define key recovery agents
|
|
234. What identifies certificates that have been revoked or terminated?
|
Certificate Revocation List
|
|
235. What is the process by which private keys are maintained by the CA for retrieval by a recovery agent?
|
key archival
|
|
236. What type of CA is not integrated with Active Directory and relies on administrator intervention to respond to certificate requests?
|
standalone CA
|
|
237. What type of CA can use certificate templates as well as Group Policy Objects to allow auto-enrollment of digital certificates, as well as store digital certificates within the Active Directory database for easy retrieval by users and devices?
|
enterprise CA
|
|
238. What service responds to requests from clients concerning the revocation status of a particular certificate, returning a digitally signed response indicating the certificate’s current status?
|
Online Responder
|
|
239. What is at the top level of a CA hierarchy?
|
root CA |