Examice

Exam ACCESS-DEF All QuestionsBrowse all questions from this exam

Question 33

You are tasked to enforce certificate based authentication onto all the domain-joined Windows machines within your organization. Based on the inventory record, there are 1000 Windows machines, which include 150 standalone Windows machines. The enrollment will be conducted from either the office network or through the Virtual Private Network (VPN).

Which parameter(s) should you define within the enrollment code to ensure the security of the code and that only the authorized endpoints get registered?

Set an expiration date defining when the code should expire.

Specify the maximum number of devices that can be enrolled.

Define the enrollment code to only the specific office/VPN IP network segment.

Define that only Linux machines may be enrolled.

Correct Answer: A, C

To ensure the security of the enrollment code and that only authorized endpoints get registered, you should set an expiration date for the code (option A) and define the enrollment code to only the specific office/VPN IP network segment (option C). Setting an expiration date ensures that the code cannot be misused after a certain period, and restricting enrollment to specific IP segments helps ensure that only devices within your organization's network can enroll. This combination addresses both the temporal and spatial aspects of security.

Discussion

oswaldekOptions: AC

A,C - correct