Information Technology Reference
In-Depth Information
Objective 4.2: review
Correct answers:
B, C
1.
Incorrect
. User groups are available only as a condition of the network policy
A.
Correct
. The user name is a possible condition for the connection request policy
because it is part of a character string that typically includes a realm name.
B.
Correct
. The NAS Port Type identifies what port type was used by the client to
connect to the RADIUS server.
C.
Incorrect
. The MS Service Class is not available in the connection request policy.
D.
Correct answer:
C
2.
Incorrect
. The RRAS service is not a RADIUS server.
A.
Incorrect
. The RRAS service is not a RADIUS server.
B.
Correct
. NPS is a RADIUS server. Copying the configuration from Windows Server
2012 is not a problem, and you should copy the configuration from another mem-
ber of the same RADIUS server group.
C.
Incorrect
. NPS is a RADIUS server, and this is the same version of the operating
system. But copying the configuration from RAD1 would copy the RADIUS proxy
configuration, not the RADIUS server configuration.
D.
Correct answer:
A
3.
Correct
. The Tunnel Type condition includes the protocols that are used to con-
nect to the RADIUS server.
A.
Incorrect
. The Framed Protocol primarily includes dial-up protocols such as SLIP
and PPP.
B.
Incorrect
. Authentication Type specifies the authentication methods used, such as
CHAP, EAP, and MS-CHAPv2.
C.
Incorrect
. Allowed EAP Types specifies which EAP authentication methods are
allowed to be used.
D.
Objective 4.3: thought experiment
You need to enable NAP on your RADIUS servers and implement a health policy that
requires users to have their firewall turned on, have all current updates, and be free
of infection. You have to implement a remediation server group that you can redirect
noncompliant users to, including clients that don't have the NAP agent enabled.
1.
2.
You need to configure the remote computers to support NAP. Part of it can be done
via Group Policy, but you'll probably have to use a logon script during the transition
phase to set the startup for the Network Access Protection Agent.
