CompTIA SecurityX (CAS-005) — Question 283

An administrator brings the company's fleet of mobile devices into its PKI in order to align device WLAN NAC configurations with existing workstations and laptops. Thousands of devices need to be reconfigured in a cost-effective, time-efficient, and secure manner. Which of the following actions best achieve this goal? (Choose two.)

Answer options

• A. Using the existing MDM solution to integrate with directory services for authentication and enrollment
• B. Deploying netAuth extended key usage certificate templates
• C. Deploying serverAuth extended key usage certificate templates
• D. Deploying clientAuth extended key usage certificate templates
• E. Configuring SCEP on the CA with an OTP for bulk device enrollment
• F. Submitting a CSR to the CAto obtain a single certificate that can be used across all devices

Correct answer: A, E

Explanation

The correct actions are A and E. Option A effectively leverages the existing MDM solution to streamline the authentication and enrollment process, while option E allows for secure bulk device enrollment using SCEP and OTP. The other options focus on certificate templates or obtaining a single certificate, which do not address the need for mass reconfiguration in a time-efficient and cost-effective manner.