741 quiz 2
The private network addresses are expressed in RFC 1918:
- 10.0.0.0-10.255.255.255 - 172.16.0.0-172.31.255.255 - 192.168.0.0-192.168.255.255
What are the two things you need to know about NAT enabling a LAN?
- provides a type of firewall by hiding internal IP addresses - enable multiple internal computers to share a single external public IP address
What does IPsec provide?
Authentication, anti-replay, and non repudiation
You use windows powershell cmdlets to enable, disable, or configure what in windows server 2016?
BGP
routing metric
A unit calculated by a routing algorithm to determine the optimal route for sending network traffic.
What is the maximum number of hops allowed for RIP?
15
DirectAccess
A feature introduced with Windows 7 and Windows Server 2008 R2 that provides seamless intranet connectivity to DirectAccess client computers when they are connected to the Internet.
In the server you click IPAM > MONITOR AND MANAGE > DHCP SCOPES to do what?
Configure DHCP Policy
You use what to create and customize the profiles for CM and to distribute them to users?
Connection manager administration kit (CMAK)
DirectAccess client and server authenticate each other using computer what for authentication?
Certificates
Encapsulation
Encapsulates or places private data in a packet with a header containing routing information that allows the date to traverse the transit network such as the internet
Data Encryption
Ensures data remains private by encrypting it prior to transmission, preventing unauthorized users from accessing it.
What metric unit is used by RIP?
Hops
In server manager, in which of the following locations is a DHCP policy configured?
IPAM > MONITOR AND MANAGE > DHCP Scopes
Users who are members of this group can view server discovery, IP address space, and server information, but they CANNOT view IP address tracking information
IPAM users
Which of the following is the minimal role that is needed to view IP address space without seeing IP address tracking information?
IPAM users
A DirectAccess connection to a target intranet resource is initiated when the DirectAccess client connects to the DirectAccess server through what?
IPv6
If you want to use smart cards for remote connections, you must use what?
Extensible Authentication Protocol (EAP)
After the DirectAccess server is configured, you need to configure the infrastructure servers to support what ?
DirectAccess
Different from the traditional virtual private network (VPN) connections, what connections are automatically established and they provide always-on seamless connectivity?
DirectAccess
It is always best to us what or what whenever possible?
EAP-MS-CHAPv2 or MS-CHAPv2
What is the industry standard when setting up secure tunnels?
L2TP
IPAM ASM Administrators
Members of this group have IPAM Users privileges and can perform common IPAM ADDRESS SPACE MANAGEMENT (ASM) tasks and IP address space tasks
IPAM MSM administrators
Members of this group have IPAM Users privileges and can perform common IPAM MULTI-SERVER MANAGEMENT (MSM) tasks and server management tasks.
IPAM IP Audit Administrators
Members of this group have IPAM Users privileges and can perform common IPAM management tasks and CAN view IP address tracking information.
IPAM Administrators
Members of this group have the privileges to view ALL IPAM data and perform all IPAM tasks
Routers operate at what model layer which is known as the what layer?
Model Layer 3, Network Layer
The wizard offers 5 basic options for configuring RRAS
Network Address Translation (NAT)
To add a route what is the command?
Route add (up address) mask (subnet mask)
To view or configure the routing table from the command line, use the what command-line utility?
Route.exe
If you need to use a VPN connection behind a firewall that allows only HTTPS, what is your only option?
SSTP
Network Address Translation (NAT)
Sets up the server to provide NAT services to clients on the private network that need to access the internet
If the network location server cannot, it is on the what?
Internet
To provide constant connectivity, you use what which automatically establishes a VPN connection when internet connectivity is available ?
Internet Key Exchange version 2 ( IKEv2)
If a client computer can securely connect to a network location server it is in the what?
Intranet
What must you use to convert between private and public addresses ?
Use a NAT gateway or proxy server
Password Authentication Protocol (PAP)
Uses plaintext (unencrypted passwords). PAP is the least secure authentication and is not recommended.
data integrity
Verified that the data sent over the VPN connection has not been modified in transit
Enabling NAT is a simple process, which can be selected using the what wizard?
The Routing and Remote Access Server Setup Wizard
To use DirectAccess, the DirectAccess server requires what?
The server must be part of an active directory domain
Virtual Private Network (VPN)
links two computers or devices through a wide-area network (WAN) such as the Internet.
What is the L2TP message encrypted with?
Advanced Encryption Standard (AES) and Triple Data Encryption Standard (3DES)
To use DirectAccess, the client must be what ?
Joined to an active directory domain
Windows server 2016 functions as a software-based router that can be used for what?
Lightly trafficked subnets on a small network
SSTP also implements stronger encryption which makes it the most what VPN protocol?
Most secure
SSTP uses a what bit certificate?
2048 certificate
If you have to configure what to connect to a remote server, it can be a lot of work and it can be easy to make an error ?
Multiple clients
What enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic
NAT
A DirectAccess client uses a what to determine its location.
NLS ( Network Location Server)
To implement DirectAccess, you need a certificate services what, which requires installing an active directory certificate services ( AD CS) role and certificate authority (CA) role?
Public key infrastructure (PKI)
To use windows server 2016 as a router, you add what and configure it?
RRAS role
How are the routing tables manually created?
Static routes
The DirectAccess client must be able to reach the organization's intranet DNS servers using IPv6. You can use the what option to attempt to reach the IPv6 addresses of intranet servers?
The ping option
In windows server 2016, which of the following are methods to create DNS resource records?
-DNS Manager console -Windows Powershell - Server Manager IPAM
What is nonrepudiation?
A VPN feature that guarantees that a transferred message was sent abs received by the two parties planning to have sent and received the message
Border Gateway Protocol (BGP)
A standardized exterior gateway protocol that exchanges routing and reachability information among autonomous systems (AS) between edge routers on the Internet.
To make a router persistent you add what to the command
Add -p
After an executable file is created that includes all of the VPN settings, the executable file is deployed on the what computers?
Client computers
Authentication
Proves the identity of the user or computer that tries to connect
To help simplify the administration of the VPN client into an easy-to-install executable, you can use the what?
RAS Connection Manager Administration Kit (CMAK)
What does Microsoft Windows support the Routing Information Protocol through?
RRAS
In the advanced TCP/IP settings dialing box, deselect the what check box?
The use default gateway on remote network
How are touting tables dynamically created?
With routing protocols such as Routing Information Protocol (RIP) based on the current routing topology