Your network contains an enterprise root certification authority (CA) named CA1.
Multiple computers on the network successfully enroll for certificates that will expire in one year. The certificates are based on a template named Secure_Computer. The template uses schema version 2.
You need to ensure that new certificates based on Secure_Computer are valid for three years.
What should you do?
A. Modify the Validity period for the certificate template.
B. Instruct users to request certificates by running the certreq.exe command.
C. Instruct users to request certificates by using the Certificates console.
D. Modify the Validity period for the root CA certificate.
19iven answer A is correct.
https://technet.microsoft.com/en-us/library/cc725621(v=ws.10).aspx
Validity period.
This defines the validity period for an issued certificate.
The validity period cannot be greater than the validity period of the CA’s certificate.
The minimum renewal period is 80 percent of the certificate lifetime or six weeks, whichever is greater.