单选题our network contains a Network Policy Server (NPS) named NPS1 and a network access server named NAS1. NAS1 is configured to use NPS1 for authentication and accounting. A firewall separates NPS1 and NAS1.You need to ensure that NAS1 can successfully send authentication and accounting messages to NPS1.Which ports should you allow through the firewall?()ATCP ports 80, 443, 389 and 1645BTCP ports 88, 135, 139 and 1813CUDP ports 53, 67, 68 and 69DUDP ports 1812, 1813, 1645 and 1646
单选题
our network contains a Network Policy Server (NPS) named NPS1 and a network access server named NAS1. NAS1 is configured to use NPS1 for authentication and accounting. A firewall separates NPS1 and NAS1.You need to ensure that NAS1 can successfully send authentication and accounting messages to NPS1.Which ports should you allow through the firewall?()
A
TCP ports 80, 443, 389 and 1645
B
TCP ports 88, 135, 139 and 1813
C
UDP ports 53, 67, 68 and 69
D
UDP ports 1812, 1813, 1645 and 1646
参考解析
解析:
暂无解析
相关考题:
Your network contains two Active Directory forests named contoso.com and fabrikam.com.You have a standalone Network Policy Server (NPS) named NPS1.You have a VPN server named VPN1. VPN1 is configured as a RADIUS client to NPS1.You need to ensure that users from both forests can establish VPN connections by using their own domain accounts.What should you do?()A. On NPS1, configure remediation server groups.B. On NPS1, configure connection request policies.C. On VPN1, modify the DNS suffix search order.D. On VPN1, modify the IKEv2 Client connection controls.
Your network contains a Network Policy Server (NPS) named Server1. Server1 is configured to use SQL logging.You add a second NPS server named Server2.You need to ensure that Server2 has the same RADIUS authentication and logging settings as Server1.You export the NPS settings from Server1, and then import the settings to Server2.What should you do next on Server2?()A. Create a new ODBC data source.B. Run netsh.exe nps reset config.C. Manually configure the SQL logging settings.D. Restart the Network Policy Server (NPS) role service.
Your network contains a Network Policy Server (NPS) named Server1.NPS1 provides authentication for all of the VPN servers on the network.You need to track the usage information of all VPN connections.Which RADIUS attribute should you log?()A. Acct-Session-IdB. Acct-Status-TypeC. ClassD. NAS-Identifier
Your network contains a Network Policy Server (NPS) named NPS1.You deploy a new NPS named NPS2.You need to ensure that NPS2 sends all authentication requests to NPS1.What should you modify on NPS2?() A. health policiesB. network policiesC. RADIUS clientsD. remote RADIUS server groups
Your network has Network Access Protection (NAP) deployed. The network contains two servers named Server1 and Server2. Server1 is a Network Policy Server (NPS). Server2 has a third-party antivirus solution installed.Server1 is configured to use a custom system health validator provided by the antivirus vendor. The system health validator uses Server2 to identify the version of the current antivirus definition.You need to ensure that NAP clients are considered noncompliant if Server1 cannot connect to Server2.Which error code resolution setting should you configure?()A. SHA not responding to NAP clientB. SHA unable to contact required servicesC. SHV not respondingD. SHV unable to contact required services
Your network is configured as shown in the following diagram.You deploy an enterprise certification authority (CA) on the internal network. You also deploy a Microsoft Online Responder on the internal network. You need to recommend a secure method for Internet users to verify the validity of individual certificates. The solution must minimize network bandwidth. What should you recommend?()A、Deploy a subordinate CA on the perimeter network.B、Install a stand-alone CA and the Network Device Enrollment Service (NDES) on a server on the perimeter network.C、Install a Network Policy Server (NPS) on a server on the perimeter network. Redirect authentication requests to a server on the internal network.D、Install Microsoft Internet Information Services (IIS) on a server on the perimeter network. Configure IIS to redirect requests to the Online Responder on the internal network.
our network contains a Network Policy Server (NPS) named Server1.You need to configure a network policy for a VLAN.Which RADIUS attributes should you add?()A、¡¤Logi-LAT-ServiceˆLogin-LAT-Node ˆLogin-LAT-Group ˆNAS-IdentifierB、¡¤Tunne-Assignment-ID ˆTunnel-Preference ˆTunnel-Client-Auth-ID ˆNAS-Port-IdC、¡¤Tunne-Client-Endpt ˆTunnel-Server-Endpt ˆNAS-Port-Type ˆTunnel-PasswordD、¡¤Tunne-Medium-Type ˆTunnel-Pvt-Group-ID ˆTunnel-Type ˆTunnel-Tag
Your network contains a Network Policy Server (NPS) named NPS1. NPS1 is configured for remote access account lockout.A domain user named User1 has been locked out by NPS1.You need to unlock the User1 user account on NPS1.What should you use?()A、the Netsh toolB、the Network Policy Server consoleC、the Registry EditorD、the Routing and Remote Access console
Your company has deployed Network Access Protection (NAP).You configure secure wireless access to the network by using 802.1X authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP. What should you do?()A、Configure all access points as RADIUS clients to the Remediation Servers.B、Configure all access points as RADIUS clients to the Network Policy Server (NPS).C、Create a Network Policy that defines Remote Access Server as a network connection method.D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.
our network contains a Network Policy Server (NPS) named NPS1 and a network access server named NAS1. NAS1 is configured to use NPS1 for authentication and accounting. A firewall separates NPS1 and NAS1.You need to ensure that NAS1 can successfully send authentication and accounting messages to NPS1.Which ports should you allow through the firewall?()A、TCP ports 80, 443, 389 and 1645B、TCP ports 88, 135, 139 and 1813C、UDP ports 53, 67, 68 and 69D、UDP ports 1812, 1813, 1645 and 1646
Your network contains an Active Directory forest. The forest contains two domains named contoso.com and eu.contoso.com.You install a Network Policy Server (NPS) named Server1 in the contoso.com domain.You need to ensure that Server1 can read the dial-in properties of the user accounts in the eu.contoso.com domain.What should you do?()A、In the contoso.com domain, add Server1 to the RAS and IAS Servers group.B、In the contoso.com domain, add Server1 to the Windows Authorization Access group.C、In the eu.contoso.com domain, add Server1 to the RAS and IAS Servers group.D、In the eu.contoso.com domain, add Server1 to the Windows Authorization Access group.
Your network contains a Network Policy Server (NPS) named Server1.NPS1 provides authentication for all of the VPN servers on the network.You need to track the usage information of all VPN connections.Which RADIUS attribute should you log?()A、Acct-Session-IdB、Acct-Status-TypeC、ClassD、NAS-Identifier
our network contains a server that runs window server 2008. The serve has the network policy server(NPS) service role installed. You need to allow only members of a global group named group1 VPN access to the network. What should you do?()A、Add group1 to the RAS and IAS servers group.B、Add group1 to the network configuration operators group..C、Create a new network policy and define a group-based connection for group1. Set the access permission of the policy to access granted. Set the processing order of the policy to 1.D、Create a new network policy and define a group-based condition for group1. Set the access permission of the policy to acces granted. Set the processing of the policy to 3.
Your network contains a single Active Directory domain. All domain controllers run Windows Server 2008 R2. There are 1,000 client computers that run Windows 7 and that are connected to managedswitches. You need to recommend a strategy for network access that meets the following requirements: èUsers are unable to bypass network access restrictions. èOnly client computers that have up-to-date service packs installed can access the network. èOnly client computers that have up-to-date anti-malware software installed can access the network. What should you recommend?()A、Implement Network Access Protection (NAP) that uses DHCP enforcement.B、Implement Network Access Protection (NAP) that uses 802.1x enforcement.C、Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.D、Implement a Network Policy Server (NPS), and enable Remote Authentication Dial-In User Service (RADIUS) authentication on the managed switches.
Your company has deployed Network Access Protection (NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP. what should you do()? A、Configure all access points as RADIUS clients to the Remediation ServersB、Configure all access points as RADIUS clients to the Network Policy Server (NPS)C、Create a Network Policy that defines Remote Access Server as a network connection methodD、Create a Network Policy that specifies EAP-TLS as the only availible authentication method.
You need to recommend an IP addressing strategy for the client computers in the new sales office. What should you recommend implementing in the new sales office?()A、DHCP server rolesB、the DirectAccess featureC、the Network Policy Server (NPS) role serviceD、the Remote Access Service role service
单选题You need to recommend changes to the existing environment that meet the company’s security requirements for the file server on the main campus. What should you recommend?()ADeploy Network Policy Server (NPS) and create a network policy.BDeploy Print and Document Services and create a custom printer filter.CDeploy File Server Resource Manager (FSRM) and create a file classification rule.DDeploy Active Directory Rights Management Services (AD RMS) and create an AD RMS rights policy template.
单选题You are a security administrator for your company. The network consists of a single Active Directory domain. All client computers run Windows XP Professional. All servers run Windows Server 2003. All computers on the network are members of the domain. Traffic on the network is encrypted by IPSec. The domain contains a custom IPSec policy named Lan Security that applies to all computers in the domain. The Lan Security policy does not allow unsecured communication with non-lPSec-aware computers. The company’s written security policy states that the configuration of the domain and the configuration of the Lan Security policy must not be changed. The domain contains a multihomed server named Server1. Server1 isconnected to the company network, and Server1 is also connected to a test network. Currently, the Lan Security IPSec policy applies to network traffic on both network adapters in Server1. You need to configure Server1 so that it communicates on the test network without IPSec security. Server1 must still use the Lan Security policy when it communicates on the company network. How should you configure Server1?()A Configure a packet filter for the network adapter on the test network to block the Internet Key Exchange (IKE) port.B Configure the network adapter on the test network to disable IEEE 802.1x authentication.C Configure the network adapter on the test network to enable TCP/IP filtering, and then permit all traffic.D Use the netsh command to assign a persistent IPSec policy that permits all traffic on the network adapter on the test.E Assign an IPSec policy in the local computer policy that permits all traffic on the network adapter on the test.
单选题Your network has Network Access Protection (NAP) deployed. The network contains two servers named Server1 and Server2. Server1 is a Network Policy Server (NPS). Server2 has a third-party antivirus solution installed.Server1 is configured to use a custom system health validator provided by the antivirus vendor. The system health validator uses Server2 to identify the version of the current antivirus definition.You need to ensure that NAP clients are considered noncompliant if Server1 cannot connect to Server2.Which error code resolution setting should you configure?()ASHA not responding to NAP clientBSHA unable to contact required servicesCSHV not respondingDSHV unable to contact required services
单选题our network contains a Network Policy Server (NPS) named Server1.You need to configure a network policy for a VLAN.Which RADIUS attributes should you add?()A¡¤Logi-LAT-ServiceˆLogin-LAT-Node ˆLogin-LAT-Group ˆNAS-IdentifierB¡¤Tunne-Assignment-ID ˆTunnel-Preference ˆTunnel-Client-Auth-ID ˆNAS-Port-IdC¡¤Tunne-Client-Endpt ˆTunnel-Server-Endpt ˆNAS-Port-Type ˆTunnel-PasswordD¡¤Tunne-Medium-Type ˆTunnel-Pvt-Group-ID ˆTunnel-Type ˆTunnel-Tag
单选题Your network contains a Network Policy Server (NPS) named NPS1. NPS1 is configured for remote access account lockout.A domain user named User1 has been locked out by NPS1.You need to unlock the User1 user account on NPS1.What should you use?()Athe Netsh toolBthe Network Policy Server consoleCthe Registry EditorDthe Routing and Remote Access console
单选题Your network contains a Network Policy Server (NPS) named NPS1.You deploy a new NPS named NPS2.You need to ensure that NPS2 sends all authentication requests to NPS1.What should you modify on NPS2?()Ahealth policiesBnetwork policiesCRADIUS clientsDremote RADIUS server groups
单选题Your network contains a Network Policy Server (NPS) named Server1. Server1 is configured to use SQL logging.You add a second NPS server named Server2.You need to ensure that Server2 has the same RADIUS authentication and logging settings as Server1.You export the NPS settings from Server1, and then import the settings to Server2.What should you do next on Server2?()ACreate a new ODBC data source.BRun netsh.exe nps reset config.CManually configure the SQL logging settings.DRestart the Network Policy Server (NPS) role service.
单选题Your network contains a Network Policy Server (NPS) named Server1.NPS1 provides authentication for all of the VPN servers on the network.You need to track the usage information of all VPN connections.Which RADIUS attribute should you log?()AAcct-Session-IdBAcct-Status-TypeCClassDNAS-Identifier
单选题Your network contains a server that runs Windows Server 2008. The server has the Network Policy Server (NPS) service role installed. You need to allow only members of a global group named Group1 VPN access to the network. What should you do?()AAdd Group1 to the RAS and IAS Servers GroupBAdd Group1 to the Network Configuration Operators groupCCreate a new network policy and define a group-based connection for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1DCreate a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access Granted. Set the processing of the policy to 3.
单选题Your network contains a server that runs Windows Server 2008. The server has the Network Policy and Access Services server role installed.You need to allow only members of a global group named Group1 VPN access to the network. What should you do? ()AAdd Group1 to the RAS and IAS Servers group.BAdd Group1 to the Network Configuration Operators group.CCreate a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 1.DCreate a new network policy and define a group-based condition for Group1. Set the access permission of the policy to Access granted. Set the processing order of the policy to 3.
单选题Your network contains two Active Directory forests named contoso.com and fabrikam.com.You have a standalone Network Policy Server (NPS) named NPS1.You have a VPN server named VPN1. VPN1 is configured as a RADIUS client to NPS1.You need to ensure that users from both forests can establish VPN connections by using their own domain accounts.What should you do?()AOn NPS1, configure remediation server groups.BOn NPS1, configure connection request policies.COn VPN1, modify the DNS suffix search order.DOn VPN1, modify the IKEv2 Client connection controls.
单选题You need to recommend an IP addressing strategy for the client computers in the new sales office. What should you recommend implementing in the new sales office?()ADHCP server rolesBthe DirectAccess featureCthe Network Policy Server (NPS) role serviceDthe Remote Access Service role service