CPT 255 Chapters 12 and 13

Ace your homework & exams now with Quizwiz!

When you fully engage NAP for remediation enforcement, which mode do you place the policy in?

*****Isolation*****WRONG ANSWER, CHANGE.

Which statement best describes the importance of monitoring system health?

*****Monitoring system health is important to tracking and preventing system failures.******WRONG ANSWER, CHANGE.

Which of the following can be used with the Web Application Proxy to allow you to configure authorization claim rules that issue a permit or deny a claim?

*****Multi-Factor Authentication.*****WRONG ANSWER, CHANGE.

You are accessing an application through the Web Application Proxy. To log in, you go to a web page, input information, and then click the Login button. Which type of authentication is this?

****Claims-based authentication****WRONG ANSWER, CHANGE.

Which options are available for the storage of the AD FS configuration settings? (Choose all that apply.)

****Windows Internal Database, SQL Server.****WRONG ANSWER, CHANGE.

Windows Firewall allows an administrator to import and export firewall rules. What is the file extension of the rules file?

.wfw

How many CIDR bits should be used for the IPv6 addressing when configuring NLB with Remote Access?

/59

What is the maximum number of network requests per second a dedicated Health Registration Authority (HRA) can perform when you use the minimum hardware requirements?

20 or more.

Which IEEE standard defines network security such as RADIUS authentication and port-based access controls?

802.1x

Which of the following are requirements for the digital certificate for AD FS and Web Application Proxy?

A certificate whose subject includes the federation service name.

Network Access Protection (NAP) is Microsoft's software for controlling network access of computers based on which of the following?

A computer's overall health

Which type of network connects two private networks?

A site-to-site VPN connection.

Which of the following forms of authentication can be used with AD FS? (Choose all that apply.)

A) Integrated Windows Authentication, C) Claims-based authentication, D) Windows Store app clients.

When creating security health validators (SHVs) that ensure that all clients meet a minimum set of criteria before allowing them to connect, administrators have a variety of options to select from. Which of the following options are available? (Choose all that apply.)

A) Up-to-date anti-spyware protection B) A properly functioning firewall C) Up-to-date anti-virus protection D) Installation of the latest Windows updates

Which type of authentication used with Web Application Proxy has the user authenticate to the AD FS server before the Web Application Proxy redirects them to the published web application?

AD FS preauthentication.

Which of the following are supported as attribute stores for AD FS?

All of the above.

Which of the following are remediation server types? (Choose all that apply.)

Anti-virus/anti-malware servers, Software update servers.

The Run the Remote Access Setup Wizard divides the installation into four separate installations that provide you with a great deal of control over settings and configurations. Which of the following statements best describes the installation of Infrastructure Servers?

Configure how the clients access the core infrastructure services, such as Active Directory domain controllers and DNS servers. Specify an internal web server that can provide location services for infrastructure components to your DirectAccess clients.

The Run the Remote Access Setup Wizard divides the installation into four separate installations that provide you with a great deal of control over settings and configurations. Which of the following statements best describe the installation of Remote Access Servers?

Configure the network connections based on one or two network cards and which adapters are internal and which adapters are external. Specify the use of smartcards and specify the certificate authority (CA) to use for DirectAccess to provide secure communications.

The Run the Remote Access Setup Wizard divides the installation into four separate installations that provide you with a great deal of control over settings and configurations. Which of the following statements best describes the installation of Application Servers?

Configure your end-to-end authentication and security for the DirectAccess components. It also provides secure connections to individual servers.

Which service is used to provisions a device object in AD DS and issues a certificate for the Workplace-Joined Device?

Device Registration Service.

When enabling NAP for DHCP scopes, how should you roll out the service?

For individual DHCP scopes.

DHCP enforcement is not available for which type of clients?

IPv6

Which of the following is used to generate custom "Access Denied" messages when accessing an applications over the Web Application Proxy?

Multi-factor access control.

Which NAP enforcement method requires an AD domain controller, Network Policy Server (NPS), CA (AD or third-party) and Health Registration Authority role with Internet Information Services?

NAP with IPsec enforcement

Which NAP deployment method is the best option to choose when you want to use as few other servers or devices as possible to enforce NAP on clients connecting to your internal network within your office building?

NAP with IPsec enforcement.

Which feature is used to create a Remote Access Cluster?

Network Load Balancing.

Which of the following can be used for packet tracing? (Choose all that apply.)

Network Monitoring, Remote Access Management console.

Which type of authentication used with Web Application Proxy does not require users to enter credentials before they connect to the published web application?

Pass-through preauthentication

In Windows Firewall Customized Settings, there are three profiles (public, private, and domain). What differentiates these profiles from each other?

Public is for servers accessible to temporary users. Private is for servers on an internal network. Domain is for servers in which users are all authenticated.

To configure RADIUS service load balancing, you must have more than one kind of which system per remote RADIUS server group?

RADIUS Sever

Which type of Active Directory domain controller is recommended to minimize security risks for remediation servers?

Read-only

Which Windows Server 2012 R2 server role would is used to install the Web Application Proxy for AD FS?

Remote Access.

Which steps must be taken to use multi-factor authentication? (Choose all that apply.)

Set up a MFA policy. Select an additional authentication method.

The Run the Remote Access Setup Wizard divides the installation into four separate installations that provide you with a great deal of control over settings and configurations. Which of the following statements best describes the installation of Remote Clients?

Specify which clients within your organization can use DirectAccess. Specify the computer groups that you want to include and whether you want to include Windows 7 clients.

Where do you look to find out which computers are blocked and which computers are granted access via NAP?

The NAP Server Event Viewer.

When an access client contacts a VPN server or wireless access point, a connection request is sent to which system?

The NPS server.

Which program or application can be used to create a site-to-site VPN connection?

The Routing and Remote Access console.

What does the term "filter" refer to in the Windows Firewall With Advanced Security console?

The ability to display inbound or outbound rules according to a profile.

In a RADIUS infrastructure, which system handles the switchboard duties of relaying requests to the RADIUS server and back to the client?

The access server

Which of the following are the requirements to configuring an AD FS claims-based authentication to use SSO? (Choose all that apply.)

The application must be configured to use AD FS for SSO., The AD FS server must have a claims aware relying party trust for the application.

You want to protect your network by using Network Access Protection to verify that antivirus software and Windows Firewall is running and that a machine is up-to-date before connecting to the network. What happens to a computer that isn't running Windows Firewall?

The computer is isolated.

You should restrict access only for clients that don't have all available security updates installed when which of the following situations exists?

The computers are configured to use Windows Update.

Which statement best describes the purpose of the System Health Agent (SHA)?

The purpose of the System Health Agent (SHA) is to provide feedback on the status of system protection and updates.

What is the primary objective of a firewall?

To permit traffic in and out for legitimate users, and to block the rest

In Windows Server 2012 R2, which of the following is used as a reverse proxy?

Web Application Proxy.

Which built-in packet filter is found within Windows?

Windows Firewall

Which of the following allows you to join a device to the organization network without joining the device to the Active Directory domain?

Workplace Join.

Which of the following is used to register a smartphone or tablet in Active Directory, which will install a certificate on a device so that it can secure single sign-on mechanism?

Workplace Join.

Which type of RADIUS server is placed between the RADIUS server and RADIUS clients?

a RADIUS proxy server.

Which command displays a NAP client's configuration?

netsh nap client show state


Related study sets

Lecture Exam 4 Ch 17, 18, 22, 23, 24

View Set

PSYCHOLOGY UNIT 4 CLASSICAL CONDITIONING

View Set

1. Physics Practice Questions - Momentum and Energy- 1-83

View Set

Basic Vehicle Extrication Techniques

View Set

HESI Urinary Tract Infection Case Study

View Set