CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Juniper
  5. JN0-250

Free JN0-250 Exam Braindumps (page: 8)

Page 7 of 17
PDF with 65 Questions

You are the network administrator for your company. The network consists of a single Active Directory domain with five domain controllers that run Windows Server, Enterprise Edition. You are updating the public key infrastructure (PKI) for your company. Issuing Certification Authorities (CAs) have been provided certificates with a validity period of five years. Certificates are issued to enable network users to encrypt files on their computers. Basic EFS certificates have been issued and have been configured with the default validity period. You want to configure all new EFS certificates so that they are valid for up to three years. What should you do? Each correct answer presents part of the solution. (Choose all that apply.)

  1. Duplicate and rename the Basic EFS certificate template.
  2. Open the Basic EFS certificate template Properties dialog box.
  3. Select the General tab and edit the validity period.
  4. Select the General tab and edit the renewal period.
  5. Select the Security tab and change the permission for the Administrators group to Enroll.

Answer(s): A,C



You administer your company's Web site, which contains executable programs. You want to provide the highest level of trust to Internet users who download your programs, and you want to ensure that users' browsers will allow them to download the programs. Your company's network includes an enterprise root Certification Authority (CA) and an issuing enterprise subordinate CA. Which of the following actions should you take?

  1. Request a Code Signing certificate from your company's enterprise subordinate C
  2. Request a Code Signing certificate from a commercial CA.
  3. Request a User Signature Only certificate from your company's enterprise subordinate CA.
  4. Request a User Signature Only certificate from a commercial CA.

Answer(s): B



You are one of the administrators for your company's Windows Server network. The relevant portion of the network is presented in the following exhibit.


All servers, client computers and one network print device are currently configured with static IP addresses. The network IP address is 200.10.29.0. A DHCP server has been deployed but has not yet been configured. You must configure a new scope that will provide the existing client computers with IP configurations. The new scope should support an additional 25 new client computers that will be deployed within the next two months. Which settings should be included in the new DHCP scope? Each correct answer presents part of the solution. (Choose three.)

  1. subnet mask: 255.255.255.0
  2. subnet mask: 255.255.255.128
  3. DHCP scope starting IP address: 200.10.29.7
    DHCP scope ending IP address: 200.10.29.254
  4. DHCP scope starting IP address: 200.10.29.1
    DHCP scope ending IP address: 200.10.29.254
  5. DHCP scope exclusion range starting IP address: 200.10.29.1
    DHCP scope exclusion range ending IP address: 200.10.29.6
  6. DHCP scope exclusion range starting IP address: 200.10.29.1
    DHCP scope exclusion range ending IP address: 200.10.29.254

Answer(s): A,D,E



You administer your company's Windows network. The network consists of 25 Windows Server computers. The network contains an offline root Certification Authority (CA) located in the main office and a subordinate issuing CA in the main office and each of the remaining four retail locations.

One of the four retail locations has been purchased and will operate as a franchise. You must ensure that resources on the company network will not accept certificates from the associated subordinate CA in this retail location after the sale is completed. Your solution must use a minimum amount of administrative effort.

What should you do? Each correct answer presents part of the solution. (Choose three.)

  1. On the company's root CA, revoke the certificate of the subordinate C
  2. Disconnect the subordinate CA from the network.
  3. On the subordinate CA, remove the CA software and remove the CA files.
  4. On the subordinate CA, revoke the certificates that it has issued.
  5. Publish a new Certificate Revocation List.
  6. Copy the Edb.log file from the root CA to its Certification Distribution Point on your network.
  7. Copy the Edb.log file from the subordinate CA to its Certification Distribution Point on your network.
  8. Copy the Certificate Revocation List file to the Certificate Distribution Point on your network.

Answer(s): A,E,H






Post your Comments and Discuss Juniper JN0-250 exam with other Community members:

JN0-250 Discussions & Posts