Ch 6

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

What UDP port is used for IKE traffic from VPN client to server? a. 1723 b. 500 c. 4500 d. 50

b. 500

The Network Access Permission attribute for a user account is set to which of the following by default? a. Deny access b. Allow access c. Control access through NPS Network Policy d. Control access through Group Policy

c. Control access through NPS Network Policy

What is the default port used by the Secure Sockets Tunneling Protocol (SSTP) protocol for incoming connections? a. 443 b. 8181 c. 8080 d. 53 e. 80

a. 443

Using the Routing and Remote Access snap-in, which of the following can be configured? a. All of the mentioned choices b. Dial-up Remote Access Server c. VPN Gateway d. LAN Routing e. Firewall f. NAT

a. All of the mentioned choices

Which DirectAccess component allows clients to determine whether they're on the company network or a remote network? a. NLS b. Kerberos proxy c. ISATAP d. PKI

a. NLS

What VPN tunnel type uses Generic Routing Encapsulation based tunnels and can use MS-CHAPv2 or EAP-TLS for authentication? a. PPTP b. L2TP c. SSTP d. SSLVPN

a. PPTP

After adding the Active Directory Certification Authority and Certificate Web Enrollment, what is the next step that you must perform? [Choose all that apply.] a. Enable firewall exceptions b. Initialize them for the use by the end clients c. Configure the Web server for Web Enrollment d. Configure the end clients to use them

b. Initialize them for the use by the end clients d. Configure the end clients to use them

Which DirectAccess IPv6 transition technology uses Secure Sockets Layer over port 443? a. Teredo b. 6to4 c. IP-HTTPS d. ISATAP

c. IP-HTTPS

How can you view the Mapping Table in Routing and Remote Access snap-in? a. In the Static Route Properties under IPv4 b. In the General Properties under IPv4 c. In Ethernet properties under NAT d. In the RIP Properties under IPv4

c. In Ethernet properties under NAT

What should you configure in Routing and Remote Access if you want computers using a private IP address to access the public Internet? a. Demand-dial interface b. Web Application Proxy c. Nat d. Dynamic routing

c. Nat

Which VPN tunnel type requires the firewall to allow TCP port 443? a. L2TP/IPsec b. PPP c. SSTP d. PPTP

c. SSTP

Which of the following are services provided by the Remote Access server role? (Choose all that apply.) a. Internet Information Services b. Windows Server Update Services c. Web Application Proxy d. Network Address Translation

c. Web Application Proxy d. Network Address Translation

What is the metric used by the dynamic routing protocol you configure in Routing and Remote Access? a. Ping time b. Bandwidth c. Least cost d. Hop count

d. Hop count

Which service will allow a Windows server to be configured as a router to connect multiple subnets in a network or connect the network to the Internet? a. RADIUS b. DirectAccess c. Certificate Services d. Routing and Remote Access

d. Routing and Remote Access

What port is utilized for an inbound SSTP tunnel? a. UDP 1723 b. UDP 4500 c. TCP 500 d. TCP 443

d. TCP 443

Which service is used with routing to translate private IP addresses to public IP addresses to facilitate hosts accessing the internet on a private network? a. VPN b. NAT c. IIS d. RAS

b. NAT

What specific authentication method has no encryption for used credentials or data, and is not recommended for most applications? a. CHAP b. PAP c. MS-CHAPv2 d. IKEv2

b. PAP

Which remote access feature provides a convenient and manageable secure remote connection using features available in IPv6? a. Network Address Translation b. Web Application Proxy c. DirectAccess d. VPN

c. DirectAccess

Which of the following does a router do if it receives a packet for a destination network that's not in its routing table and no default route is configured? a. Broadcasts the packet b. Returns the packet to the sender c. Discards the packet d. Sends a route query to the next router

c. Discards the packet

To enable SSL, which of the following menu options in Internet Information Services (IIS) Manager should you choose after right-clicking the Website name? a. Manage Website b. Edit Permissions c. Edit Bindings d. Add Application

c. Edit Bindings

What is the minimum number of network adapters required for Network Address Translation (NAT)? a. 5 b. 1 c. 4 d. 3 e. 2 f. 6

e. 2

What are the pre-requisites for installing DirectAccess? a. All of the mentioned choices b. Enable DHCP service c. Set up certificate templates for multiple names d. Create a DNS Resource Record e. Create a DirectAccess security group for client workstations f. Install Active Directory Certificate Services

a. All of the mentioned choices

Which role service should you install if you want client computers to be able to authenticate an IPsec connection with Kerberos proxy? a. DirectAccess and VPN b. Web Application Proxy c. Remote dial-in d. Routing

a. DirectAccess and VPN

Which VPN tunnel type uses an Internet Key Exchange? a. SSTP b. L2TP/IPsec c. PPP d. PPTP

b. L2TP/IPsec

Which tunnel type needs to authenticate client and server computers with a preshared key or a digital certificate? a. SSTP b. L2TP/IPsec c. PPTP d. PPP

b. L2TP/IPsec

When you create a VPN connection on a client computer, what is the default tunnel type? a. PPTP b. SSTP c. L2TP/IPsec d. Automatic

d. Automatic

Which of the following routing protocols would you choose when using dynamic routing with IPv6? a. IGRP b. RIPv2 c. IS-IS d. BGP

d. BGP

What should you configure if you want only users who are members of particular groups to be able to connect to the VPN? a. Remote Authentication Rule b. Network Access Rule c. Connection Request Policy d. Network Policy

d. Network Policy

Which of the following tasks are performed by the Network Policy Server (NPS)? [Choose all that apply.] a. Authorization b. Confidentiality c. Accounting d. Authentication e. Monitoring

a. Authorization c. Accounting d. Authentication

You receive the following message:"Current settings for this certificate template allow a client to submit a certificate request using any subject name and does not require approval by a certificate manager." What does the subject mean in this context? [Choose all that apply.] a. Computer b. User c. Group d. E-Mail Address e. Network Service

a. Computer b. User e. Network Service

Remote access is denied to users by default. Which of the following must you do to allow users to connect via remote access? (Choose all that apply.) a. Configure a network policy in the Network Policy Server console. b. Configure dial-in settings in user accounts. c. Set up a VPN. d. Configure settings in the Routing and Remote Access console.

a. Configure a network policy in the Network Policy Server console. b. Configure dial-in settings in user accounts.

To make the VPN client successfully connect to the VPN server, which of the following should you do on the client system? [Choose all that apply.] a. Download the delta CRLs to the client's local certificate store b. Download the base CRLs to the client's local certificate store c. Configure the network adapter to accept dynamic IP address d. Enable a firewall exception in the Windows Firewall

a. Download the delta CRLs to the client's local certificate store b. Download the base CRLs to the client's local certificate store

To ensure that web servers can request a certificate from the CA server, you need to set up permissions for enrollment. Which permission should you grant to the Webserver in the Certificates console? a. Enroll b. Write c. Read d. Full Control

a. Enroll

Which of the following should you configure if you want DirectAccess clients to access the Internet through the company network? a. Force tunneling b. Intranet tunnel c. Split tunneling d. NLS

a. Force tunneling

Which of the following need to be configured on the firewall to allow PPTP VPN connections? (Choose all that apply.) a. IP protocol ID 47 b. IP protocol ID 50 c. TCP port 1723 d. UDP port 4500

a. IP protocol ID 47 c. TCP port 1723

Which of the following are benefits of using a PKI instead of self-signed certificates when configuring DirectAccess? (Choose all that apply.) a. Support for multisite configurations b. Simpler DirectAccess client deployment c. Two-factor authentication support d. Better security

a. Support for multisite configurations c. Two-factor authentication support d. Better security

What feature allows you to create VPN connections that can be distributed to users' computers so that VPN clients do not have to be configured on each client station? a. VPN connection profiles b. VPN reconnect policies c. NPS Network Policy d. RA User Properties

a. VPN connection profiles

What specific type of Windows Server 2016 configuration allows a cloud service provider to use a virtual machine configured as a gateway to route multiple tenants using the same physical network? a. Windows Server Gateway b. Hybrid Gateway c. Cloud Services Gateway d. RADIUS Server

a. Windows Server Gateway

What routing protocol must be used to support dynamic routing when using Windows Server 2016 and IPv6 routing? a. RIP b. Border Gateway Protocol c. RIPv2 d. OSPF

b. Border Gateway Protocol

By default, the network access permission for a new user is set to what? a. Allow access b. Deny access c. Control access through NPS network policyu d. Control access with Active Directory

b. Deny access

Which authentication method should you choose if users authenticate with smart cards? a. MS-CHAPv2 b. EAP c. RADIUS d. PAP

b. EAP

After setting up a VPN connection on a Windows 10 system, which of the following command will help you verify the VPN connection details? a. Show-VpnConnection b. Get-VpnConnection c. Display-VpnConnection d. Set-VpnConnection

b. Get-VpnConnection

If a DirectAccess used has issues with their laptop or remote device, what can be enabled to facilitate help desk personnel get remote desktop access to the client? a. Teredo b. ISATAP c. 6to4 d. IPsec

b. ISATAP

For a client to connect to the DirectAccess server, which task must be completed for the client? a. A DNS record for the client must be created. b. The client must be added to a security group. c. A certificate must be installed on the client. d. A firewall exception at the client must be created.

b. The client must be added to a security group.

Which remote access configuration option should you choose if you want mobile users to be able to make a secure connection to the main network and allow computers on the private network to access the Internet with a public IP address? a. Secure connection between two private networks b. VPN access and NAT c. NAT d. Remote access (dial-up or VPN)

b. VPN access and NAT

To allow Remote Desktop Protocol (RDP) access to DirectAccess clients, which port must be opened on the client side firewall? a. 587 b. 1720 c. 3389 d. 8080

c. 3389

A valid digital certificate that is not self signed is issued by: a. a VPN server b. A DirectAccess client c. A Certificate Authority d. A router

c. A Certificate Authority

You want to allow the network clients to connect to the Internet using a single IP address. In the Routing and Remote Access Wizard which of the following options should you choose? a. VPN and NAT b. Remote Access (dial-in or VPN) c. Network Address Translation (NAT) d. Remote Access Server (RAS)

c. Network Address Translation (NAT)

Which two types of packets does Secure Sockets Tunneling Protocol (SSTP) send using a Secure Sockets Layer (SSL) channel? [Choose two that apply.] a. HTTPS b. SSTP c. PPTP d. L2TP e. HTTP

c. PPTP d. L2TP

What do you configure in Routing and Remote Access that specifies the server should send its routing table to its neighbors? a. Static routing b. Default route c. RIPv2 d. L2TP

c. RIPv2

Which remote access configuration option should you choose if you want mobile users to be able to make a secure connection to the main network and allow computers on the private network to access the Internet with a public IP address? a. Remote access (dial-up or VPN) b. NAT c. VPN access and NAT d. Secure connection between two private networks

c. VPN access and NAT

When using an SSTP protocol, which of the property of the VPN server should you know? a. VPN server IP address b. Domain name c. VPN server name d. Type of VPN server

c. VPN server name

Which term best describes a network connection that uses the Internet to give mobile users or branch office secure access to a company's network resources on a private network? a. secure socket b. tunnel c. virtual private network d. direct access

c. virtual private network

For you to set up a Windows Server 2016 system as a VPN server, how many network adapters would be required? a. 5 b. 6 c. 3 d. 2 e. 4 f. 1

d. 2

On a Windows Server 2016, you have configured a VPN server and enabled appropriate firewall rules. You need to assign permissions to several users to allow access to the VPN server. Which of the following snap-in should you use? a. Routing and Remote Access Server b. Active Directory Domains and Trusts c. Active Directory Sites and Services d. Active Directory Users and Computers

d. Active Directory Users and Computers

Which option is NOT a valid requirement for DirectAccess in Windows Server 2016? a. The server must be a domain member b. The server must have at least one NIC c. The server must have a public IP address or an IP address that can be resolves to a public IP address d. The server must run at least one other VPN tunnel type to facilitate the DirectAccess

d. The server must run at least one other VPN tunnel type to facilitate the DirectAccess

Which remote access role service allows publishing web-based applications for use by clients outside the network? a. Direct Access and VPN b. Routing c. IIS d. Web Application Proxy

d. Web Application Proxy

When there are two or more routes to the same destination, the route with what type of metric takes precedence? a. highest b. verified c. hop count d. lowest

d. lowest


Ensembles d'études connexes

Praxis 5621 Principles of Learning and Teaching

View Set

Psychological Disorders 3360 - Final Fall 2021

View Set

NS3-M1U1C4 - U.S. Strategy & the Navy

View Set

MindTap: Worksheet 18.1: Nature and Classification

View Set

Reversible Reactions and Equilibrium Assignment and Quiz

View Set

Evidence Based Practice and Clinical Judgment

View Set