Smart cards provide an option for multifactor authentication

Smart cards cannot be used for interactive sign in

Smart cards contain a certificate and private key that can only be accessed by using a PIN

Smart cards provide enhanced security beyond a password

Smart cards can only be used for digital signature and encryption

True

False

Enable a key recovery agent

Enable a data recovery agent

Publish the User certificate template and configure the desired groups of users for auto-enrollment

Enable EFS on AD DS domain computers by using Group Policy

Upgrade all AD DS domain computers to Windows Server 2016 or Windows 10

True

False

Certificates can be used to encrypt HTTP traffic between a web server and browser

Certificates can be used to digitally sign documents

Digitally signed documents are invalidated if the contents are modified

To send encrypted e-mail to an external recipient who is not part of your internal PKI, you must use an encryption certificate issued by a public CA

Files encrypted using Encrypting File System (EFS) can only be read by the individual who first encrypted the file

True

False

Configure the KRA certificate template

Enroll a designated user for a KRA certificate

Publish the KRA public key by using Group Policy

Configure a recovery agent on the CA

Configure desired certificate templates for key archival