Prev Question
Next Question

Your network contains two Active Directory forests named contoso.com and fabrikam.com.
A two- way forest trust exists between the forests.
The contoso.com forest contains an enterprise certification authority (CA) named CAl.
You implement cross-forest certificate enrollment between the contoso.com forest and the fabrikam.com forest. On CA1, you create a new certificate template
named Template1.
You need to ensure that users in the fabrikam.com forest can request certificates that are based on Template1.
Which tool should you use?

A. Sync-ADObject

B. Pkiview.msc

C. CertificateServices.ps1

D. Certutil

E. PKISync.ps1

Explanation:
E. PKISync.ps1 copies objects in the source forest to the target forest
To copy certificate templates from an account forest to the resource forest
1. Start Windows PowerShell. Change the current directory to the location on the PKISync.ps1 script.
2. Copy the certificate template from the account forest by using the command .\PKISync.ps1 ­ sourceforest <account forest DNS> – targetforest <resource
forest DNS> – type Template ­cn <certificate template common name>.
Note: If a certificate template in the resource forest has the same name as the certificate template you want to copy from the account forest, you must rename the
certificate template in the account forest before copying the template to the resource forest. See Rename a Certificate Template.
3. Copy the OID container from the account forest by using the command .\PKISync.ps1 ­sourceforest <account forest DNS> – targetforest <resource forest
DNS> – type Oid ­f and press Enter.
“Configure Hosted Cache Servers” is a new Group.
Policy setting that you can also use when deploying BranchCache in hosted cache mode. With this setting, you can enter the the computer names of the hosted
cache servers that are available to client computers in the branch office. If you use this setting, client computers don’t need to search for hosted cache servers
because they already have the server names.
Incorrect Answers:
A: Replicates a single object between any two domain controllers that have partitions in common.
B: Monitoring and troubleshooting the health of all certification authorities (CAs) in a public key infrastructure (PKI) are essential administrative tasks facilitated by
the Enterprise PKI snap-in.
D: use Certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components,
and verify certificates, key pairs, and certificate chains.
References:

https://technet.microsoft.com/en-us/library/hh852296.aspx
https://technet.microsoft.com/en-us/library/cc732261(v=ws.10).aspx
https://technet.microsoft.com/en-us/library/ff955845(v=ws.10).aspx

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *