单选题Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00.  What should you do( )?A Create a network policy for VPN co

题目
单选题
Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00.  What should you do( )?
A

Create a network policy for VPN connections. modify the Day and time restrictions.

B

Create a network policy for VPN connections. apply an ip filter to deny access to the corporate network.

C

Modify the Logon hours for all users objects to specify only the VPN server otn he computer restrictions option

D

Modify the Logon hours for the default domain policy to enable the Force logoff when logon hours expire option.

相似考题

1.You have a computer that runs Windows Vista. You create a virtual private network (VPN) connection between the computer and your company’s network.You notice that while the computer is connected through the VPN connection, users on the company network can access shared folders on the computer.You need to prevent network users from accessing your shared folders when you are connected to the company’s network by using the VPN connection.What should you do?()A.AB.BC.CD.D

2. Your corporate network has a member server named RAS1 that runs Windows Server 2008 R2. You configure RAS1 to use the Routing and Remote Access Services (RRAS). The companyˉs remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do?()A、Install the Network Policy Server (NPS) server role on RAS1.B、Create a remote access policy that requires users to authenticate by using SPAP.C、Create a remote access policy that requires users to authenticate by using EAP-TLS.D、Create a remote access policy that requires users to authenticate by using MS-CHAP v2.

3.Your network consists of a single Active Directory domain. The remote access permission for all users is set to Control access through Remote Access Policy. You have a VPN server named Server1 that runs Windows Server 2003 Service Pack 2 (SP2). The current configuration allows all authenticated users to establish VPN connections to Server1. You create a global group named Group1.You need to prevent all members of Group1 from establishing VPN connections to Server1. What should you do?()A、From the local computer policy on Server1, modify the Account Policies settings. B、From Active Directory Users and Computers, modify the Security settings of Group1. C、From the Routing and Remote Access snap-in, create a new remote access policy. D、From the Routing and Remote Access snap-in, open the properties of Server1 and modify the security options.

4.Your company has a single active directory domain. The company network is protected by a firewall. Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: Error 721: The remote computer is not responding. You need to ensure that users can establish a VPN connection. What should you do? ()A、Open port 1423 on the firewallB、Open port 1723 on the firewallC、Open port 3389 on the firewallD、Open port 6000 on the firewall

更多“单选题Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00.  What should you do( )?A Create a network policy for VPN co”相关问题

  • 第1题:

    Your company has a single Active Directory domain. The company network is protected by a firewall.Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: °Error 721: The remote computer is not responding.You need to ensure that users can establish a VPN connection. What should you do?()

    • A、Open port 1423 on the firewall.
    • B、Open port 1723 on the firewall.
    • C、Open port 3389 on the firewall.
    • D、Open port 6000 on the firewall.

    正确答案:B

  • 第2题:

    Your company has an Active Directory domain. A server named Server1 runs Windows Server 2008. The Terminal Services role and the Terminal Services Web Access role service are installed on Server1.You install the Terminal Services Gateway role service on Server1. You create the Terminal Services connection authorization policy. Users report that they cannot connect to Server1. You need to ensure that users can connect to Server1. What should you do?()

    • A、Configure Network Access Protection (NAP) on Server1.
    • B、Configure the Terminal Services Resource Authorization Policy (RAP) on Server1.
    • C、Create a Terminal Services Group Policy object (GPO). Enable the Allow users to connect remotely using Terminal Services setting on the GPO. Link the GPO to the domain.
    • D、Create a Terminal Services Group Policy object (GPO). Enable the Set path for TS Roaming Profiles setting on the GPO. Create an organization unit (OU) named TSUsers. Link the GPO to the TSUsers OU.

    正确答案:B

  • 第3题:

    Your company has users who connect remotely to the main office through a Windows Server 2008 VPN server.You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00. What should you do?()

    • A、Create a network policy for VPN connections. Modify the Day and time restrictions.
    • B、Create a network policy for VPN connections. Apply an IP filter to deny access to the corporate network.
    • C、Modify the Logon hours for all user objects to specify only the VPN server on the Computer restrictions option.
    • D、Modify the Logon Hours for the default domain policy to enable the Force logoff when logon hours expire option.

    正确答案:C

  • 第4题:

    Your corporate network has a member server named RAS1 that runs Windows Server 2008. You configure RAS1 to use the Routing and Remote Access Service (RRAS) The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do?()

    • A、 Install the Network Policy Server (NPS) on the RAS1 server
    • B、 Create a remote access policy that requires users to authenticate by using SPAP
    • C、 Create a remote access policy that requires users to authenticate by using EAP-TLS
    • D、 Create a remote access policy that requires users to authenticate by using MS-CHAP v2

    正确答案:C

  • 第5题:

    You are the network administrator for your company. The network consists of a single Active Directory domain.  The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional, and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP.   The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server, and the remote users will use it to connect to the company network. Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server.  You need to choose a secure authentication method.   What should you do? ()

    • A、 Use the authentication method of the default IPSec policies.
    • B、 Create a custom IPSec policy and use the Kerberos version 5 authentication protocol.
    • C、 Create a custom IPSec policy and use certificate-based authentication.
    • D、 Create a custom IPSec policy and use preshared key authentication.
    • E、 Use the authentication method of the Routing and Remote Access custom IPSec policy for L2TP connection.

    正确答案:C

  • 第6题:

    You want to configure your Windows 2000 Professional computer to remotely access your company’s Windows 2000 routing and remote access server. You configure a VPN connection. For security purposes, you configure the VPN connection to use MS-CHAP v2 only and to require encryption. You also configure TCP/IP to obtain an IP address automatically, to enable IPSec, and to set IPSec to secure server. When you try to connect, you receive the following error message, “The encryption attempt failed because no valid certificate was found.” What should you do to connect to the server? ()

    • A、Enable the VPN connection to use MS-CHAP.
    • B、Change the data encryption setting to Optional Encryption.
    • C、Specify a TCP/IP address in the network properties.
    • D、Change the IPSec policy setting to Client.

    正确答案:D

  • 第7题:

    单选题
    You want to configure your Windows 2000 Professional computer to remotely access your company’s Windows 2000 routing and remote access server. You configure a VPN connection. For security purposes, you configure the VPN connection to use MS-CHAP v2 only and to require encryption. You also configure TCP/IP to obtain an IP address automatically, to enable IPSec, and to set IPSec to secure server. When you try to connect, you receive the following error message, “The encryption attempt failed because no valid certificate was found.” What should you do to connect to the server? ()
    A

    Enable the VPN connection to use MS-CHAP.

    B

    Change the data encryption setting to Optional Encryption.

    C

    Specify a TCP/IP address in the network properties.

    D

    Change the IPSec policy setting to Client.


    正确答案: D
    解析: 暂无解析

  • 第8题:

    单选题
    You want to configure your Windows 2000 Professional computer to remotely access your company's Windows 2000 Routing and Remote Access server. You configure a VPN connection. For security purposes, you configure the VPN connection to use MS-CHAP v2 only and to require encryption. You also configure TCP/IP to obtain an IP address automatically, to enable IPSec, and to set IPSec to Secure Server.  When you try to connect, you receive the following error message, "The encryption attempt failed because no valid certificate was found."  What should you do to connect to the server? ()
    A

    Enable the VPN connection to use MS-CHAP.

    B

    Change the data encryption setting toOptional Encryption.

    C

    Specify a TCP/IP address in theNetworkproperties.

    D

    Change the IPSec policy setting toClient.


    正确答案: B
    解析: 暂无解析

  • 第9题:

    单选题
    Your company has a single Active Directory domain. The company network is protected by a firewall.Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: °Error 721: The remote computer is not responding.You need to ensure that users can establish a VPN connection. What should you do?()
    A

    Open port 1423 on the firewall.

    B

    Open port 1723 on the firewall.

    C

    Open port 3389 on the firewall.

    D

    Open port 6000 on the firewall.


    正确答案: A
    解析: 暂无解析

  • 第10题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do?  ()
    A

     Configure the system event log to Do not overwrite.

    B

     In IAS, in Remote Access Logging, enable the Authentication requests setting.

    C

     Configure the Remote Access server to Log all events.

    D

     Create a custom remote access policy and configure it for Authentication-Type.


    正确答案: D
    解析: 暂无解析

  • 第11题:

    单选题
    Your company has an Active Directory domain. A server named Server1 runs Windows Server 2008. The Terminal Services role and the Terminal Services Web Access role service are installed on Server1.You install the Terminal Services Gateway role service on Server1. You create the Terminal Services connection authorization policy. Users report that they cannot connect to Server1. You need to ensure that users can connect to Server1. What should you do?()
    A

    Configure Network Access Protection (NAP) on Server1.

    B

    Configure the Terminal Services Resource Authorization Policy (RAP) on Server1.

    C

    Create a Terminal Services Group Policy object (GPO). Enable the Allow users to connect remotely using Terminal Services setting on the GPO. Link the GPO to the domain.

    D

    Create a Terminal Services Group Policy object (GPO). Enable the Set path for TS Roaming Profiles setting on the GPO. Create an organization unit (OU) named TSUsers. Link the GPO to the TSUsers OU.


    正确答案: B
    解析: 暂无解析

  • 第12题:

    单选题
    Your company has users who connect remotely to the main office through a Windows Server 2008 VPN server.You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00. What should you do?()
    A

    Create a network policy for VPN connections. Modify the Day and time restrictions.

    B

    Create a network policy for VPN connections. Apply an IP filter to deny access to the corporate network.

    C

    Modify the Logon hours for all user objects to specify only the VPN server on the Computer restrictions option.

    D

    Modify the Logon Hours for the default domain policy to enable the Force logoff when logon hours expire option.


    正确答案: A
    解析: 暂无解析

  • 第13题:

    You deploy a Windows Server 2008 R2 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows 7.The firewall is configured to allow only secured Web communications.You need to enable remote users to connect as securely as possible. You must achieve this goal without opening any additional ports on the firewall.What should you do?()

    • A、Create an IPsec tunnel.
    • B、Create an SSTP VPN connection.
    • C、Create a PPTP VPN connection.
    • D、Create an L2TP VPN connection.

    正确答案:B

  • 第14题:

    You are the network administrator for your company. The network consists of a single Active Directory domain. The network contains Windows Server 2003 file servers. The network also contains a Windows Server 2003 computer named Server1 that runs Routing and Remote Access and Internet Authentication Service (IAS). Server1 provides VPN access to the network for users’ home computers.   You suspect that an external unauthorized user is attempting to access the network through Server1. You want to log the details of access attempts by VPN users when they attempt to access the network. You want to compare the IP addresses of users’ home computers with the IP addresses used in the access attempts to verify that the users are authorized.  You need to configure Server1 to log the details of access attempts by VPN users.   What should you do?  ()

    • A、 Configure the system event log to Do not overwrite.
    • B、 In IAS, in Remote Access Logging, enable the Authentication requests setting.
    • C、 Configure the Remote Access server to Log all events.
    • D、 Create a custom remote access policy and configure it for Authentication-Type.

    正确答案:B

  • 第15题:

    Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00.  What should you do( )? 

    • A、Create a network policy for VPN connections. modify the Day and time restrictions.
    • B、Create a network policy for VPN connections. apply an ip filter to deny access to the corporate network.
    • C、Modify the Logon hours for all users objects to specify only the VPN server otn he computer restrictions option
    • D、Modify the Logon hours for the default domain policy to enable the Force logoff when logon hours expire option.

    正确答案:A

  • 第16题:

    You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()

    • A、Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients
    • B、Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients
    • C、Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection
    • D、Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connection

    正确答案:A

  • 第17题:

    You deploy Windows Server 2008 VPN server behind a firewall. Remote users connect to the VPN by using portable computers that run Windows Vista with the latest service pack. The firewall is configured to allow only secured web communications. You need to enable remote users to connect as securely as possible. you must achieve this goal without opening any additional ports on the firewall.  What should you do ( )? 

    • A、Create an IPsec tunnel
    • B、Create an SSTP VPN connection
    • C、Create a PPTP VPN connection
    • D、Create an L2TP VPN connection

    正确答案:B

  • 第18题:

    All client computers on your company network run Windows XP and are members of an Active Directory Domain Services domain. You plan to migrate all computers to Windows 7. You also plan to deploy a new VPN server to support remote network access for the computers. You need to ensure that all computers will be supported for remote access during the migration to Windows 7. What should you do?()

    • A、Set the VPN server to Layer 2 Tunneling Protocol.
    • B、Set the VPN server to Secure Socket Tunneling Protocol.
    • C、Set the VPN server to Internet Key Exchange version 2.
    • D、Configure the Direct Access feature on the VPN server.

    正确答案:A

  • 第19题:

    单选题
    Your company has users who connect remotely to the main office though a Windows Server 2008 VPN server. You need to ensure that users cannot access the VPN server remotely from 22:00 to 05:00.  What should you do( )?
    A

    Create a network policy for VPN connections. modify the Day and time restrictions.

    B

    Create a network policy for VPN connections. apply an ip filter to deny access to the corporate network.

    C

    Modify the Logon hours for all users objects to specify only the VPN server otn he computer restrictions option

    D

    Modify the Logon hours for the default domain policy to enable the Force logoff when logon hours expire option.


    正确答案: A
    解析: 暂无解析

  • 第20题:

    单选题
    Your company has a single active directory domain. The company network is protected by a firewall. Remote users connect to your network through a VPN server by using PPTP. When the users try to connect to the VPN server, they receive the following error message: Error 721: The remote computer is not responding. You need to ensure that users can establish a VPN connection. What should you do? ()
    A

    Open port 1423 on the firewall

    B

    Open port 1723 on the firewall

    C

    Open port 3389 on the firewall

    D

    Open port 6000 on the firewall


    正确答案: C
    解析: 暂无解析

  • 第21题:

    单选题
    You need to design a remote access authentication strategy that will allow users in the IT department to remotely connect to the network. Your solution must meet security requirements. What should you do?()
    A

    Install Internet Authentication Services (IAS) on a server in the den.corp.woodgrovebank.com domain. Configure the VPN servers as RADIUS clients

    B

    Install Internet Authentication Services (IAS) on a stand-alone server in the Denver extranet. Create local user accounts for the IT personnel on the IAS server. Configure the VPN servers as RADIUS clients

    C

    Create a remote access policy on each of the VPN servers. Configure the policy to use the den.corp.woodgrovebank.com to authenticate remote access users. Configure the policy to require L2TP to establish a connection

    D

    Create a remote access policy on each of the VPN servers. Create local user accounts for the IT personnel on the VPN servers. Configure the policy to use the VPN servers’ local accounts database to authenticate users. Configure the policy to require L2TP to establish a connection


    正确答案: C
    解析: 暂无解析

  • 第22题:

    单选题
    You are the systems engineer for your company. The network consists of a single Active Directory domain. The company has a main office and two branch offices. All servers run Windows Server 2003. All client computers run either Windows XP Professional or Windows 2000 Professional.   Each branch office maintains a dedicated 256-Kbps connection to the main office. Each office also maintains a T1 connection to the Internet. Each office has a Microsoft Internet Security and Acceleration (ISA) Server 2000 computer, which provides firewall and proxy services on the Internet connection. Each branch office contains one domain controller and five servers that are not domain controllers. There is minimal administrative staff at the branch offices.  A new company policy states that all servers must now be remotely administered by administrators in the main office. The policy states that all remote administration connections must be authenticated by the domain and that all traffic must be encrypted. The policy also states that the remote administration traffic must never be carried in clear text across the Internet.   You choose to implement remote administration by enabling Remote Desktop connections on all servers on the network. You decide to use the Internet-connected T1 lines for remote administration connectivity between offices.   Because administrative tasks might require simultaneous connections to multiple servers across the network, you need to ensure that administrators do not lose connections to servers in one office when they attempt to connect to servers in another office.   What should you do? ()
    A

     Configure Routing and Remote Access on one server in each branch office. Create L2TP/IPSec VPN ports on these servers. Create new VPN connections on the administrators’ computers to connect to the VPN servers in the branch offices.

    B

     Configure a VPN server in each branch office. Create connections that use IPSec Authentication Header (AH) in tunnel mode from the main office connect to VPN servers in the branch offices.

    C

     Configure a local L2TP/IPSec VPN connection on the ISA Server 2000 firewall computer in the main office. Configure the ISA Server 2000 firewall computers at the branch offices as remote L2TP/IPSec VPN servers.

    D

     Configure a local PPTP VPN connection on the ISA Server 2000 firewall computers in each branch office. Configure the ISA Server 2000 firewall computer at the main office as a remote PPTP VPN server.


    正确答案: A
    解析: 暂无解析

  • 第23题:

    单选题
    All client computers on your company network run Windows XP and are members of an Active Directory Domain Services domain. You plan to migrate all computers to Windows 7. You also plan to deploy a new VPN server to support remote network access for the computers. You need to ensure that all computers will be supported for remote access during the migration to Windows 7. What should you do?()
    A

    Set the VPN server to Layer 2 Tunneling Protocol.

    B

    Set the VPN server to Secure Socket Tunneling Protocol.

    C

    Set the VPN server to Internet Key Exchange version 2.

    D

    Configure the Direct Access feature on the VPN server.


    正确答案: B
    解析: 暂无解析

  • 第24题:

    单选题
    You are the network administrator for your company. The network consists of a single Active Directory domain.  The company has remote users in the sales department who work from home. The remote users’ client computers run Windows XP Professional, and they are not members of the domain. The remote users’ client computers have local Internet access through an ISP.   The company is deploying a Windows Server 2003 computer named Server1 that has Routing and Remote Access installed. Server1 will function as a VPN server, and the remote users will use it to connect to the company network. Confidential research data will be transmitted from the remote users’ client computers. Security is critical to the company and Server1 must protect the remote users’ data transmissions to the main office. The remote client computers will use L2TP/IPSec to connect to the VPN server.  You need to choose a secure authentication method.   What should you do? ()
    A

     Use the authentication method of the default IPSec policies.

    B

     Create a custom IPSec policy and use the Kerberos version 5 authentication protocol.

    C

     Create a custom IPSec policy and use certificate-based authentication.

    D

     Create a custom IPSec policy and use preshared key authentication.

    E

     Use the authentication method of the Routing and Remote Access custom IPSec policy for L2TP connection.


    正确答案: B
    解析: 暂无解析

相关内容