Windows 10 Chapter 14
When a client connects to a RD Web Access server, what type of file is downloaded that includes all of the necessary configuration information for connecting to the desktop of RemoteApp? a..rda file b..rdp file c..rdc file d..rds.file
.rdp file
Which option for mtsc.exe prevents connection information from being cached on the local computer? /remoteGuard /restrictedAdmin /public /shadow /admin
/public
Remote Desktop listens on which TCP port number? a.3450 b.3389 c.3398 d.3938
3389
On the ______________________ tab in Remote Desktop Connection, you can configure server authentication settings and Remote Desktop Gateway (RD Gateway) settings.
Advanced
What is the purpose of configuring an RD Gateway server in Remote Desktop?
An RD Gateway server is used to secure access to Remote Desktop from public networks, such as the Internet. When Remote Desktop Connection is configured to use an RD Gateway, RDP traffic is tunneled in HTTPS packets to the RD Gateway server. The RD Gateway server sends the RDP packets on to the internal network.
Which automated method for VPN connection deployment would work best for users that are not domain joined? Windows PowerShell Group Policy Preferences VB Script CMAK
CMAK
Why is dial-up networking no longer the most common method used for remote access? Explain why it is more common for remote access to be done over a virtual private network.
Dial-up is seldom used now because it is very slow when compared with Internet connectivity. Dial-up connectivity is limited to approximately 56 Kbps. A VPN is much faster than dial-up because it operates at almost the same speed as the Internet connection.
What technology behaves like an "always-on" VPN connection? a.Remote Assistance b.Remote Desktop c.DirectAccess d.dial-up networking
DirectAccess
In Remote Desktop Connection, which tab allows you to enable and disable various display-related settings that can impact the amount of data sent between the local and remote computers? a.Local Resources tab b.Display tab c.Experience tab d.General tab
Experience tab
IKEv2 requires the use of which of authentication protocol? a.Extensible Authentication Protocol (EAP) b.Password Authentication Protocol (PAP) c.Challenge Handshake Protocol (CHAP) d.Point-to-Point Protocol (PPP)
Extensible Authentication Protocol (EAP)
When you configure a VPN connection, the VPN must be used as the default gateway. True or False? True False
FALSE
Layer 2 Tunneling Protocol provides both authentication and data encryption for the VPN client and remote access server. True False
False
PPTP is the preferred VPN protocol. True or False? False True
False
Windows 10 includes a Remote Desktop client, but not Remote Desktop Web access. True False
False
When a VPN connection loses connectivity due to a network interruption, which protocol can reconnect automatically once network connectivity is restored using a feature known as VPN Reconnect? a.PPTP b.SSTP c.L2TP d.IKEv2
IKEv2
Which VPN protocol supports the VPN Reconnect feature? DirectAccess SSTP L2TP/IPsec IKEv2 PPTP
IKEv2
How does a DirectAccess client determine whether it is on the internal network or external network? If the client can resolve enterpriseregistration.domain.com then it is external If latency to the network location server is above 40 milliseconds then it is external If the client can resolve enterpriseregistration.domain.com then it is internal If the client can connect to the network location server then it is internal If the client can connect to the network location server then it is external
If the client can connect to the network location server then it is internal
Which VPN protocol uses IPsec to provide data encryption? a.PPTP b.L2TP c.SSTP d.PPP
L2TP
Which of the following are authentication methods that can be used by IPsec? (Choose all that apply.) Kerberos Pre-shared key NTLM Certificates Hash value
Pre-shared key Certificates Kerberos
Which VPN authentication protocol uses SSL? CHAP Protected EAP EAP MS-CHAP v2 PAP
Protected EAP
Which type of remote data access provides the best performance for applications accessing databases? Remote Assistance Dial-up Work Folders RDS VPN
RDS Remote Desktop Services
Which of the following allows a user to send an invitation to a remote user that invites them to remotely connect to the local computer? a.Remote Control b.Remote Access c.Remote Desktop d.Remote Assistance
Remote Assistance
What are some of the ways Remote Assistance can be initiated?
Remote Assistance can be initiated in a variety ways including: Invitation file—Users can create an invitation file that they send to a helper. When the helper opens the file, remote assistance starts. This method does not work over routers that perform Network Address Translation (NAT) because the IP address information in the invitation file is the internal IP address of the computer that is not accessible over the Internet. Easy Connect—When users select Easy Connect instead of an invitation, the user is provided with a password that needs to be sent to the helper. The helper enters that password to be connected. This type of connection works over the Internet and through NAT. Easy Connect tunnels IPv6 packets over IPv4 networks. Administrator initiated—As a helper, you can offer remote assistance to users if you know the IP address or computer name. After the connection to the computer is established, the user is prompted to allow the connection.
You want to connect to a user desktop to review Windows 10 configuration settings when the user is not present. Which technology should you use? Offline files VPN Remote Desktop Remote Assistance RDS
Remote Desktop
Windows Server 2016 can be configured as a remote access server by installing which server role? a.Remote Assistance b.Remote Server Administration c.Network Policy and Access Services d.Routing and Remote Access
Routing and Remote Access
Using Office 365, you can synchronize files from libraries located in which of the following? a.Remote Assistance b.Windows Store c.Offline Files d.SharePoint Online
SharePoint Online
What are the benefits of using DirectAccess as a remote access solution?
Since DirectAccess is always on, it provides some benefits including: Easier for users—Users do not need to do anything for DirectAccess to work. Access to all resources can be maintained with the only difference being slower access. Clients are manageable—Because DirectAccess is always on, the clients are manageable even when they are on the road. Group Policy Objects (GPOs) can still be applied and software deployment technologies still work. Generally, with a VPN, clients are not considered to be manageable.
Which port numbers and packet types are relevant for allowing SSTP through a firewall? IP protocol type 47 (GRE) UDP port 4500 TCP port 1723 TCP port 443 IP protocol type 50 (ESP)
TCP port 443
EAP is a framework for implementing authentication protocols rather than an authentication protocol. True or False? True False
TRUE
What three things can authentication for IPsec be based upon?
The authentication for IPsec can be based on: Pre-shared key—This is a password that needs to be configured on both the VPN client and the remote access server. A pre-shared key is relatively easy to implement, but, because a single password is shared by all clients and the remote access server, this is not very secure. Certificates—If the VPN client and the remote access server have both been configured with certificates that are trusted, certificate authentication can be used. This is more secure than a pre-shared key, but it can be awkward to deploy certificates to all of the VPN clients. Kerberos—Windows-based networks use Kerberos to authenticate users and computers. This same protocol can be used by IPsec. Using IPsec is only possible if the VPN client computer and the remote access server are members of the same Active Directory forest.
What are the most common issues with using DirectAccess? What can be done to troubleshoot those issues?
The most common DirectAccess issues are network connectivity and Group Policy application. When it comes to troubleshooting, if a client has never had DirectAccess working, verify that the computer account is in the proper group for Group Policy application. You can use gpresult.exe to help identify why the GPO is not being applied. If DirectAccess was previously working, verify that there is Internet connectivity for the client before moving on to more advanced troubleshooting.
What are some of the methods that can be used to configure clients for accessing Work Folders?
There are several ways to configure clients for accessing Work Folders. Automatic discovery is the most preferred method because it supports devices that are not domain joined. Automatic discovery of the Work Folders URL is based on the email address of the user. Another simple method that works when devices are not domain joined is manually entering the Work Folders URL. For domain-joined computers, you can use Group Policy to configure the Work Folders URL. You can also use Group Policy to force the Work Folders client to be enabled instead of waiting for the user to start configuration.
DirectAccess relies on IPv6 for connectivity. True False
True
Public networks allow traveling users to obtain a remote network connection. True False
True
Which port numbers and packet types are relevant for allowing L2TP/IPsec through a firewall? (Choose all that apply.) UDP port 4500 IP protocol type 50 (ESP) TCP port 1723 TCP port 443 IP protocol type 47 (GRE)
UDP port 4500 IP protocol type 50 (ESP)
Which of the following operating systems can use Work Folders? (Choose all that apply.) Windows 7 Windows 10 Windows 8 Android iOS
Windows 10 iOS Android Windows 8 Windows 7
Which of the following technologies allows you to access files from a Windows 10 computer that is not currently connected to a network (wired or wireless)? (Choose all that apply.) Offline files Remote Desktop OneDrive Work Folders VPN
Work Folders OneDrive Offline files
What is the preferred method to configure clients to use Work Folders? a.manually enter the Work Folders URL b.configure user object in Active Directory c.configure through the System and Security applet d.automatic discovery
automatic discovery
What type of technology allows users to work with files whether they are connected to network or not by copying files locally to mobile computers? a.DirectAccess b.DSL c.VPN d.data synchronization
data synchronization
Which of the following is considered the oldest technology for remote access? a.dial-up networking b.virtual private network c.TCP/IP d.DirectAccess
dial-up networking
Which remote connectivity type automatically connects clients to the main office when they are roaming? IKEv2 DirectAccess L2TP/IPsec PPTP SSTP
direct access
Remote Desktop in Windows 10 allows multiple users to connect to one computer at the same time. True or False? False True
false
Which type of remote data access is best suited to watching users remotely while they demonstrate a process that is causing an issue? Work Folders Remote Assistance Remote Desktop VPN Dial-up
remote assistance
Automatic configuration for Work Folders is based on the email address of the user. True or False? True False
true
Selecting a VPN type of Automatic is suitable for most VPN deployments. True or False? False True
true
