Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
You have created a root CA for Microsoft Certificate authority. The best way to ensure the integrity of the keys is to:
Place the root CA in the DMZ
Disconnect the root CA from the network
Connect the root CA to the subordinate CA's on a private network
Place the root CA in a highly protected zone behind firewalls
Once keys are generated by the Root CA, they should be transported via some other means such as USB key to the subordinate CA's. The root CA is only needed for the initial key generation. The root CA should be disconnected from the network in order to maintain the integrity of the keys. Source please! ***To mitigate the risk of the root CA being accessed by an unauthorized user and ensure the reliability of the CA, it is best practice to install root CAs offline. This way, the root CA is not connected to a network, and you can keep the CA in a secure area with limited access. ***https://wesentra.com/Ladattavat/PKI%20Managed%20Root%20Service%20Solution%20Brief.pdf
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.