Quiz 6 - Installing, Configuring, and Troubleshooting NPS and NAP

1.

1 point

You are an administrator for the Contoso Corporation where you have a single Active Directory domain and an enterprise root certificate authority. You decide to use NAP to protect the VPN connections. You build the following two servers:

Server1 NPS, Remediation server, and SHVS

Server2 VPN server and RADIUS Server

What do you need to do to make sure that all client computers that attempt a VPN connection have the system health policy applied?

Add the NAP role to the domain controller

Configure the clients as RADIUS clients.

Reconfigure Server2 as a RADIUS client.

Reconfigure Server1 as a RADIUS client.

2.

1 point

You have users who connect to the corporate network using their laptops. Because these computers often access confidential data, you need to be sure that users access network resources only from computers that comply with the company policy of having an anti-virus, anti-spyware and have the newest Windows updates. You decide to use NAP. Which type of enforcement policy should you implement?

EAP

IPsec

DHCP

802.1x

3.

1 point

Which of the following NAP enforcement mechanisms is considered the weakest?

802.1

VPN

RD Gateway

IPsec

DHCP

4.

1 point

Which of the following is the default location for the log files if you use text files for RADIUS accounting?

C:\RADIUS\Logs

C:\Temp

C:\Logs

C:\Windows\System32\LogFiles

5.

1 point

Identify which steps need to be completed when you configure NAP DHCP enforcement. (Choose all correct answers)

Install NPS on a dedicated NPS server

Configure the clients to support NAP

Enable NAP for the DHCP scopes

Install NPS on the DHCP server

Link the DHCP server to the NPS server

Configure a DHCP server and create the appropriate DHCP scopes

Run the NAP wizard to configure the policies and define the remediation servers

6.

1 point

Which is used to make a computer NAP compliant when you have quarantined computers that are not compliant?

Reload Windows.

Reboot the computer.

Use remediation servers

Reset the computer account in the domain.

7.

1 point

You have several VPN servers configured using RRAS. What is the best way to collect information on when and how long someone is connected through the VPN?

RADIUS Accounting

Connection request policy

System health validators (SHVs)

Windows Accounting provider

Health policies

8.

1 point

Microsoft’s RADIUS server is known as which of the following?

AAA Server

Network Access Policy Server

Network Policy Server

Routing and Remote Access Server

9.

1 point

When a computer or device accesses a VPN server and uses RADIUS for authentication, what is the computer or device referred to as?

Access server

RADIUS client

Access client

RADIUS proxy

10.

1 point

Which three types of policies are available on the Network Policy Server (NPS)? (Choose all that apply.)

Network policies

Health policies

Connection request policies

Accounting policies

11.

1 point

When using a RADIUS proxy, which policy is used to determine what connection requests are forwarded to another RADIUS server?

Proxy forward policy

RADIUS proxy policy

Dynamic policy

Connection request policy

12.

1 point

With NAP, what defines the requirements for client computers to connect to a network that is connected?

SHV

SoH

RHA

SHA

13.

1 point

Identify the three As, in order, for AAA management. Not all of the answers will be used.

Attribute

Authentication

Accounting

Allowed access

Access control

Application

Authorization

14.

1 point

You have a server running Windows Server 2012 that is configured as a RRAS server and NAP server. You want only members of the global Group named Sales to connect using a VPN connection. What do you need to do to make this happen?

Create a new network policy and define a group-based condition for the Sales group. Set the access permission of the policy to Access Granted. Set the processing order of the policy to Default.

Create a new Connection Request policy and define a group-based condition for the Sales group. Set the access permission of the policy to Access Granted. Set the processing order of the policy to 1.

Add the Sales group to the RAS and IAS Servers group.

Create a new network policy and define a group-based condition for the Sales group. Set the access permission of the policy to Access Granted. Set the processing order of the policy to 1.

15.

1 point

Which of the following NAP enforcement mechanisms is considered the strongest?

RD Gateway

VPN

802.1

IPsec

DHCP

16.

1 point

Which policy would you use if you want to limit when a user can log in through the VPN?

Connection request policies

Network policies

Health policies

Accounting policies

17.

1 point

Which server is used as the NAP health policy server?

PMO

NPS

DNS

NAT