You work as the network administrator at certifyme.com. The certifyme.com
network consists of a single Active Directory domain named certifyme.com. All
servers on the certifyme.com network run Windows Server 2003. Half the client
computers are portable computers, and the rest are desktop computers. The client
computers are running a mix of Windows 2000 Professional Windows XP
Professional.
There are many certifyme.com Sales department users that work out of the office
due to the nature of their job description. These Sales department users require
access to resources on certifyme.com when out of the office. It is your responsibility to
provide the Sales department users with access to the network. To this end you have
five servers that are running with Routing and Remote Access services configured
for VPN connectivity. All these servers are configured with the same remote access
policy.
A new written security policy has recently been issued by the certifyme.com
management and consequently you had to reconfigure the policies on each of these
servers. 350-001 Because of the policy changes you received instruction to centralize the
remote access policies to ensure that any future changes to the policies can be made
once and applied to all remote access servers.
Leading the way in IT testing and certification tools, www.certifyme.com
- 8 -
What should you do?
A. A Domain Group Policy to apply any changes should be configured.
B. The Routing and Remote Access servers must be configured to use Internet
Authentication Services (IAS).
C. An application directory partition must be implemented.
D. Extensible Authentication Protocol (EAP) should be configured on all the Routing and
Remote Access servers. 640-802
Answer: B
Explanation: IAS makes use of Remote Authentication Dial-In User Service (RADIUS)
to centralize policies, logging, and authentication services from a single location. This
would be ideal under the circumstances of ever-changing policy application.
Incorrect Answers:
A : Remote policies are not stored in group policies. Thus configuring a Domain Group
policy will not centralize the policies.
C : Implementing an application directory partition will not centralize remote access
policies. These partitions are used to create a section of the Active Directory database for
application specific data to control replication and not for centralization of remote
policies. VCP-310
D : EAP is an authentication protocol and is not used to centralize remote access policies.
Reference:
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment