Prev Question
Next Question

Your network contains an Active Directory domain named contoso.com. The domain contains a certification authority (CA).
You suspect that a certificate issued to a Web server is compromised.
You need to minimize the likelihood that users will trust the compromised certificate.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A. Stop the Certificate Propagation service.

B. Modify the validity period of the Web Server certificate template.

C. Run certutil and specify the -revoke parameter.

D. Run certutil and specify the -deny parameter.

E. Publish the certificate revocation list (CRL).

Explanation:

First revoke the certificate, then publish the CRL.

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *