Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GSLC Exam - Topic 2 Question 48 Discussion

Actual exam question for GIAC's GSLC exam
Question #: 48
Topic #: 2
[All GSLC Questions]

You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. All client computers on the network run Windows XP Professional.

You configure a public key infrastructure (PKI) on the network. You configure a root CA and a subordinate CA on the network. For security reasons, you want to take the root CA offline. You are required to configure the CA servers to support for certificate revocation. Choose the steps you will require to accomplish the task.

A .

Show Suggested Answer Hide Answer
Suggested Answer: B

by Onita at May 29, 2024, 12:20 AM

Limited Time Offer

25%

Off

Get Premium GSLC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lino
6 months ago
Agreed, but it's still a common setup in many places.
upvoted 0 times
...
Enola
6 months ago
Wait, are we sure about the Windows Server 2003 setup? Seems outdated.
upvoted 0 times
...
Fatima
6 months ago
You need to configure CRLs for revocation support.
upvoted 0 times
...
Paul
7 months ago
I think taking it offline is a bit risky though.
upvoted 0 times
...
Brande
7 months ago
Root CA should definitely be offline for security!
upvoted 0 times
...
Nathalie
7 months ago
I vaguely remember something about publishing the CRL and ensuring the subordinate CA is configured correctly. I just need to focus on the order of operations.
upvoted 0 times
...
Giuseppe
7 months ago
I feel like I might confuse the steps for revocation with the initial CA setup. I hope the options are clear enough to help me choose the right one.
upvoted 0 times
...
Elenora
8 months ago
I think we practiced a similar question about setting up a subordinate CA. I believe it involves configuring the CRL distribution points, but I can't recall the details.
upvoted 0 times
...
Dominga
8 months ago
I remember we discussed the importance of taking the root CA offline for security, but I'm not entirely sure about the exact steps for configuring certificate revocation.
upvoted 0 times
...
Silvana
8 months ago
This question covers a lot of PKI concepts. I'll need to take my time and make sure I understand each step before answering. Careful planning will be important here.
upvoted 0 times
...
Maxima
8 months ago
Okay, I think I've got a good handle on this. The key is to set up an Online Responder and configure the CRLs on the subordinate CA. I'll make sure to walk through that methodically.
upvoted 0 times
...
Cheryll
8 months ago
Hmm, I'm a bit unsure about the specifics of configuring the CAs to support certificate revocation. I'll need to double-check the details on that.
upvoted 0 times
...
Stefany
8 months ago
This seems like a straightforward PKI configuration question. I'll need to carefully review the steps to take the root CA offline while still supporting certificate revocation.
upvoted 0 times
...
Anisha
8 months ago
Ah, I've got it! The answer is C, GET_DDL. That's the SQL command that will show me the full CREATE definition of the masking policy.
upvoted 0 times
...
Matilda
8 months ago
I think we start with identifying capital addition projects first, right? It seems like that would be the logical first step.
upvoted 0 times
...
Karl
8 months ago
This seems like a straightforward question about consumer privacy directives. I'll focus on identifying the key points from the FTC report and matching them to the answer choices.
upvoted 0 times
...
Vallie
8 months ago
Hmm, I think the key here is to methodically check each of the configuration parameters mentioned in the answer choices. Matching the settings between the routers should resolve the EXSTART/EXCHANGE issue.
upvoted 0 times
...
Emeline
1 year ago
Remember, no peeking at your neighbor's screen during the exam! That's a one-way ticket to disqualification.
upvoted 0 times
Adelina
1 year ago
Yes, Option C seems like the right choice for configuring the CA servers to support certificate revocation.
upvoted 0 times
...
Shenika
1 year ago
I believe we should choose Option C to accomplish the task.
upvoted 0 times
...
Ahmad
1 year ago
I think we need to configure the CA servers to support for certificate revocation. What do you think?
upvoted 0 times
...
...
Erick
1 year ago
I'll go with Option A. Keeping the root CA offline and using OCSP and CRLs sounds like a solid security approach.
upvoted 0 times
Virgilio
12 months ago
User 4: It's important to follow best practices when it comes to PKI security.
upvoted 0 times
...
Dudley
1 year ago
User 3: Using OCSP and CRLs will help ensure certificate revocation is handled properly.
upvoted 0 times
...
Norah
1 year ago
User 2: Definitely, keeping the root CA offline adds an extra layer of protection.
upvoted 0 times
...
Joye
1 year ago
User 1: I agree, Option A seems like the best choice for security.
upvoted 0 times
...
...
Erick
1 year ago
Hmm, Option D has a funny name - 'All of the above'. I wonder if the exam writer has a sense of humor!
upvoted 0 times
...
Truman
1 year ago
I'm not sure, but Option C seems to involve the root CA being offline, which is what the question is asking for.
upvoted 0 times
Tarra
1 year ago
User 2: Yeah, I agree. Taking the root CA offline is crucial for security.
upvoted 0 times
...
Lenny
1 year ago
User 1: I think Option C is the right choice.
upvoted 0 times
...
...
Malcom
1 year ago
Option A looks like the right choice here. Configuring an Online Certificate Status Protocol (OCSP) server and publishing CRLs seem like the necessary steps to support certificate revocation.
upvoted 0 times
Darrel
1 year ago
Option D doesn't seem relevant for configuring CA servers to support certificate revocation. I would go with Option A.
upvoted 0 times
...
Kami
1 year ago
I'm not sure about Option C. It doesn't seem as necessary as the other options for supporting certificate revocation.
upvoted 0 times
...
Elfriede
1 year ago
I think Option B could also be a good choice. It's important to have a backup plan for certificate revocation.
upvoted 0 times
...
Tamekia
1 year ago
I agree, Option A seems like the best choice. Setting up an OCSP server is crucial for certificate revocation.
upvoted 0 times
...
...
Miles
1 year ago
I believe Option C might be the right choice for this task.
upvoted 0 times
...
Mi
1 year ago
I agree. It's important for security reasons to have that in place.
upvoted 0 times
...
Miles
1 year ago
I think we need to configure the CA servers to support certificate revocation.
upvoted 0 times
...

Save Cancel