You deploy a Windows Server 2008 R2 VPN server behind a firewall. Remote users connect to theVPN by using portable computers that run Windows 7. The firewall is configured to allow only secured Web communications.You need to enable remote users to connect as securely as possible. You must achieve this goal without opening any additional ports on the firewall.
What should you do?()
A. Create an IPsec tunnel.
B. Create an SSTP VPN connection.
C. Create a PPTP VPN connection.
D. Create an L2TP VPN connection.
您可能感兴趣的试卷
你可能感兴趣的试题
Your network contains one Active Directory domain. You have a member server named Server1 that runs Windows Server 2008 R2. The server has the Routing and Remote Access Services role service installed.You implement Network Access Protection (NAP) for the domain.You need to configure the Point-to-Point Protocol (PPP) authentication method on Server1.
Which authentication method should you use?()
A. Challenge Handshake Authentication Protocol (CHAP)
B. Extensible Authentication Protocol (EAP)
C. Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)
D. Password Authentication Protocol (PAP)
Your company has 10 servers that run Windows Server 2008 R2. The servers have Remote Desktop Protocol (RDP) enabled for server administration. RDP is configured to use default security settings. All administrators' computers run Windows 7. You need to ensure the RDP connections are as secure as possible.
Which two actions should you perform?()
A. Set the security layer for each server to the RDP Security Layer.
B. Configure the firewall on each server to block port 3389.
C. Acquire user certificates from the internal certification authority.
D. Configure each server to allow connections only to Remote Desktop client computers that use Network Level Authentication.
Your corporate network has a member server named RAS1 that runs Windows Server 2008 R2. You configure RAS1 to use the Routing and Remote Access Services (RRAS). The company¯s remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection.
What should you do?()
A. Install the Network Policy Server (NPS) server role on RAS1.
B. Create a remote access policy that requires users to authenticate by using SPAP.
C. Create a remote access policy that requires users to authenticate by using EAP-TLS.
D. Create a remote access policy that requires users to authenticate by using MS-CHAP v2.
Your company has a main office and 15 branch offices. The company has a single Active Directory domain. All servers run Windows Server 2008 R2.You need to ensure that the VPN connections between the main office and the branch offices meet the following requirements:
¡¤All data must be encrypted by using en-to-end encryption.
¡¤The VPN connection must use compute-level authentication.
¡¤User names and passwords cannot be used for authentication
What should you do?()
A. Configure an IPsec connection to use tunnel mode and preshared key authentication.
B. Configure a PPTP connection to use version 2 of the MS-CHAP v2 authentication.
C. Configure a L2TP/IPsec connection to use the EAP-TLS authentication.
D. Configure a L2TP/IPsec connection to use version 2 of the MS-CHAP v2 authentication.
Your company has a single Active Directory domain. The domain has servers that run Windows Server 2008 R2. You have a server named NAT1 that functions as a NAT server. You need to ensure that administrators can access a server named RDP1 by using Remote Desktop Protocol (RDP).
What should you do?()
A. Configure NAT1 to forward port 389 to RDP1.
B. Configure NAT1 to forward port 1432 to RDP1.
C. Configure NAT1 to forward port 3339 to RDP1.
D. Configure NAT1 to forward port 3389 to RDP1.
Your company has a single Active Directory domain. The company network is protected by a firewall.Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: °Error 721:
The remote computer is not responding.You need to ensure that users can establish a VPN connection.
What should you do?()
A. Open port 1423 on the firewall.
B. Open port 1723 on the firewall.
C. Open port 3389 on the firewall.
D. Open port 6000 on the firewall.
Your company has a single Active Directory forest that has a domain in North America named na.contoso.com and a domain in South America named sa.contoso.com. The client computers run Windows 7. You need to configure the client computers in the North America office to improve the name resolution response time for resources in the South America office.
What should you do?()
A. Configure a new Group Policy object (GPO) that disables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office.
B. Configure a new Group Policy object (GPO) that enables the Local-Link Multicast Name Resolution feature. Apply the policy to all the client computers in the North America office.
C. Configure a new Group Policy object (GPO) that configures the DNS Suffix Search List option to sa.contoso.com, na.contoso.com. Apply the policy to all the client computers in the North America office.
D. Configure the priority value for the Service Location (SRV) records on each of the North America domain controllers to 5.
Your company has an Active Directory domain named ad.contoso.com. All client computers run Windows 7. The company has recently acquired a company that has an Active Directory domain named ad.fabrikam.com. A two-way forest trust is established between the ad.fabrikam.com domain and the ad.contoso.com domain. You need to edit the ad.contoso.com domain Group Policy object (GPO) to enable users in the ad.contoso.com domain to access resources in the ad.fabrikam.com domain.
What should you do?()
A. Configure the DNS Suffix Search List option to ad.contoso.com, ad.fabrikam.com.
B. Configure the Allow DNS Suffix Appending to Unqualified Multi-Label Name Queries option to True.
C. Configure the Primary DNS Suffix option to ad.contoso.com, ad.fabrikam.com. Configure the Primary DNS Suffix Devolution option to True.
D. Configure the Primary DNS Suffix option to ad.contoso.com, ad.fabrikam.com. Configure the Primary DNS Suffix Devolution option to False.
Your company has a server named Server1 that runs Windows Server 2008 R2. Server1 runs the DHCP Server server role and the DNS Server server role. You also have a server named ServerCore that runs a Server Core installation of Windows Server 2008 R2. All computers are configured to use only Server1 for DNS resolution. The IP address of Server1 is 192.168.0.1. The network interface on all the computers is named LAN. Server1 is temporarily offline. A new DNS server named Server2 has been configured to use the IP address 192.168.0.254.You need to configure ServerCore to use Server2 as the preferred DNS server and Server1 as the alternate DNS server.
What should you do?()
A. Run the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.254 index=1 command.
B. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 192.168.0.1 both command.
C. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.1 both command.
D. Run the netsh interface ipv4 set dnsserver "LAN" static 192.168.0.254 primary command and the netsh interface ipv4 add dnsserver "LAN" static 192.168.0.1 index=1 command.
Your company has a single Active Directory domain. The company has a main office and three branch offices. The domain controller in the main office runs Windows Server 2008 R2 and provides DNS for the main office and all of the branch offices. Each branch office contains a file server that runs Windows Server 2008 R2.Users in the branch offices report that it takes a long time to access network resources. You confirm that there are no problems with WAN connectivity or bandwidth.You need to ensure that users in the branch offices are able to access network resources as quickly as possible.
Which two actions should you perform?()
A. Configure a standard primary zone in each of the branch offices.
B. Configure forwarders that point to the DNS server in the main office.
C. Configure a secondary zone in each of the branch offices that uses the main office DNS server as a master.
D. Install DNS servers in each of the branch offices.
最新试题
Your company has a network that has 100 servers. You install a new server that runs Windows Server 2008. The server has the Web Server (IIS) role installed. You discover that the Reliability Monitor has no data, and that the system stablitiy chare has never been updated. You nede to configure the server to collect the reliability monitor data. What should you do()?
You have a server that runs Windows Server 2008. you create a new quota template. you apply quotas to 100 folders by using the quota template. you nede to modify the quota settings for al 100 folders. You must achive this goal by using the minimum amount of administrative effort. What should you do()?
You have a file server that runs Windows Server 2008 R2.You configure quotas on the server.You need to view each user¯s quota usage on a per folder basisWhat should you do?()
You perform a security audit of a server named CRM1. You want to build a list of all DNS requests that are initiated by the server. You install the Microsoft Network Monitor 3.0 application on CRM1. You capture all local traffic on CRM1 for 24 hours. You save the capture file as data.cap. You find that the size of the file is more than 1 GB. You need to create a file named DNSdata.cap from the existing capture file that contains only DNS-related data.What should you do? ()
Your companys corporate network uses Network Access Protection (NAP). Users are able to connect to the corporate network remotely. You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible. What should you do()?
Your company has an active directory domain that has two domain controllers named DC1 and DC2. You prepare both servers to support event subscriptions. On DC1, you create a new default subscription for DC2. You need to review system events for DC2. Which event log should you select()?
You have 10 standalone servers that run Windows Server 2008 R2.You install the Windows Server Update Services (WSUS) server role on a server named Server1.You need to configure all of the servers to receive updates from Server1.What should you do?()
Your company has a main office and a branch office. The branch office has three servers that run a Server Core installation of Windows Server 2008 R2. The servers are named Server1, Server2, and Server3. You want to configure the Event Logs subscription on Server1 to collect events from Server2 and Server3. You discover that you cannot create a subscription on Server1 from another computer. You need to configure a subscription on Server1.Which two actions should you perform?()
You perform a security audit on a server named Server1. You install the Microsoft Network Monitor 3.0 application on Server1. You find that only some of the captured frames display host mnemonic names in the Source column and the Destination column. All other frames display IP addresses. You need to display mnemonic host names instead of IP addresses for all the frames.What should you do?()
Your company has a server named SRV1 that runs Windows Server 2008 R2. The default Print Services server role is installed on SRV1. The company wants to centralize printing on SRV1 for both UNIX and Windows users. You need to provide support to the UNIX users who print on SRV1.What are two possible ways to achieve this goal? ()