Your company uses Network Access Protection (NAP) to enforce..

第1题

Your company uses Network Access Protection （NAP) to enforce policies on client computers

Your company uses Network Access Protection (NAP) to enforce policies on client computers that connect to the network.Client computers run Windows 7. A Group Policy is used to configure client computers to obtain updates from Windows Server Update Services (WSUS).Company policy requires that updates labeled Important and Critical must be applied before client computers can access network resources.You need to ensure that client computers meet the company policy requirement.What should you do？（）

A. Enable automatic updates on each client.

B. Enable the Security Center on each client.

C. Quarantine clients that do not have all available security updates installed.

D. Disconnect the connection until the required updates are installed.

点击查看答案

第2题

Network Access Protection （NAP) is configured for the corporate network.Users connect to t

Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do？（）

A. Create an IPsec Enforcement Network policy.

B. Create an 802.1X Enforcement Network policy.

C. Create a Wired Network (IEEE 802.3) Group policy.

D. Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.

点击查看答案

第3题

Your company has active directory certificate services （AD CS) and network access protecti

Your company has active directory certificate services (AD CS) and network access protection (NAP) deployed on the network. You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network. What should you do？（）

A.Configure all access points to use 802.1x authentication.

B.Configure all protable computers to use MS-CHAP v2 authentication.

C.Use the group policy management console to access the wireless group policy settings, and enable the prevent connections to ad-hoc network option.

D.Use the group policy management console to access the wireless group policy settings, and disable the prevent connections to infrastructure networks option.

点击查看答案

第4题

Your company has Active Directory Certificate Services （AD CS) and Network Access Protecti

Your company has Active Directory Certificate Services (AD CS) and Network Access Protection (NAP) deployed on the network.You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network.What should you do？（）

A. Configure all access points to use 802.1X authentication.

B. Configure all portable computers to use MS-CHAP v2 authentication.

C. Use the Group Policy Management Console to access the wireless Group Policy settings, and enable the Prevent connections to ad-hoc networks option.

D. Use the Group Policy Management Console to access the wireless Group Policy settings, and disable the Prevent connections to infrastructure networks option.

点击查看答案

第5题

微软的网络准入控制技术标准简称是（)。A、Network Admission Control （NAC)B、Network Access P

微软的网络准入控制技术标准简称是()。

A、Network Admission Control (NAC)

B、Network Access Protection (NAP)

C、rusted Network Connect (TNC)

D、RADIUS

点击查看答案

第6题

Your network contains one Active Directory domain. You have a member server named Server1

that runs Windows Server 2008 R2. The server has the Routing and Remote Access Services role service installed.You implement Network Access Protection (NAP) for the domain.You need to configure the Point-to-Point Protocol (PPP) authentication method on Server1.Which authentication method should you use？（）

A. Challenge Handshake Authentication Protocol (CHAP)

B. Extensible Authentication Protocol (EAP)

C. Microsoft Challenge Handshake Authentication Protocol version 2 (MS-CHAP v2)

D. Password Authentication Protocol (PAP)

点击查看答案

第7题

Your company has deployed network access protection （NAP) enforcement for VPNs. You need to ensure that the health of all clients can be monitored and reported. What should you do？（）

A.Create a group policy object (GPO) that enabled security center and link the policy to the domain.

B.Create a group policy object (GPO) that enabled security center and link the policy to the domain controllers organizational unit (OU).

C.Create a group policy object (GPO) and set the require trusted path for credential entry option to enabled. Link the policy to the domain.

D.Create a group policy object (GPO) and set the require trusted path for credential entry option to Enabled. Link the policy to the domain controllers organizational unit (OU).

点击查看答案

第8题

Your company has deployed Network Access Protection （NAP) enforcement for VPNs.You need to ensure that the health of all clients can be monitored and reported.What should you do？（）

A. Create a Group Policy object (GPO) that enables Security Center and link the policy to the domain.

B. Create a Group Policy object (GPO) that enables Security Center and link the policy to the Domain Controllers organizational unit (OU).

C. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the domain.

D. Create a Group Policy object (GPO) and set the Require trusted path for credential entry option to Enabled. Link the policy to the Domain Controllers organizational unit (OU).

点击查看答案

第9题

Your network consists of a single Active Directory domain. All servers run Windows Server 2003Service Pack 2 (SP2). All client computers run Windows XP Professional Service Pack 3 (SP3).You assign NTFS permissions to a folder on a file server as shown in the following table.You share the folder and assign the Change permission to the Everyone group.A user named User1 is a member of Group1, Group2, and Group3.You need to identify the least restrictive NTFS permission that User1 has when he accesses the folderover the network.Which permission should you identify? （）

A. Full Control

B. Modify

C. Read

D. Write

点击查看答案

第10题

Your network consists of a single Active Directory domain. The domain includes a group namedSalesUsers.You have a file server that runs Windows Server 2003 Service Pack 2 (SP2).The server has a folder named CorpData. You share the CorpData folder and assign the Domain Usersgroup the Full Control share permission.In the CorpData folder, you create a folder named Sales.You need to configure security for the Sales folder to meet the following requirements:·Members of the SalesUsers group must be able to read, create, and modify all files and folders.·All other users must be able to view items in the folder.What should you do? （）

A. On the Sales folder, block permission inheritance and remove permissions. Assign the Allow - Modify permission to the SalesUsers group.

B. On the Sales folder, block permission inheritance and copy permissions. On the Sales folder, assign the Allow - Modify permission to the SalesUsers group.

C. On the CorpData share, change the share permission for Domain Users to Read. On the Sales folder, assign the Allow - Modify permissions to the SalesUsers group.

D. On the CorpData folder, block permission inheritance and remove permissions. In the Sales folder, assign the Allow - Modify permissions to the SalesUsers group.

点击查看答案