What should you change?

Posted by: Pdfprep Category: 70-742 Tags: , , Post Date: November 11, 2020

You have a certification authority (CA) named CA1.

You create a certificate template named Template1 that has the following configurations:

– Minimum key size: 2048

– Cryptographic provider Microsoft Strong Cryptographic Provider

– Compatibility Settings – Certification Authority: Windows Server 2012 R2

– Compatibility Settings – Certificate recipient: Windows 8.1 / Windows Server 2012 R2

You plan to configure Template1 to require that computers requesting certificates based on Template1 must have a TPM-protected private key.

You need to modify Template1 to ensure that you can configure the Key Attestation settings.

What should you change?
A . Compatibility Settings – Certification Authority to Windows Server 2016
B . Compatibility Settings – Certificate recipient to Windows 10 / Windows Server 2016
C . Cryptographic provider to Microsoft Platform Crypto Provider
D . Minimum key size to 4096

Answer: C

Explanation:

References: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/tpm­key-attestation

Author

Leave a Reply

Your email address will not be published.