多选题You must configure access to the corporate network for employees using a client access method. Users require IPsec tunneling to protected resources and an 802.1X supplicant. Users will access the network using Windows platforms.Which two client access

第1题：

Your company has deployed Network Access Protection (NAP).You configure secure wireless access to the network by using 802.1X authentication from any access point.You need to ensure that all client computers that access the network are evaluated by NAP. What should you do?（）

• A、Configure all access points as RADIUS clients to the Remediation Servers.
• B、Configure all access points as RADIUS clients to the Network Policy Server (NPS).
• C、Create a Network Policy that defines Remote Access Server as a network connection method. 
• D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.

第2题：

Your network consists of a single Active Directory domain. All servers run Windows Server 2008 R2.   All client computers run Windows 7. Some users have laptop computers and work remotely from home.   You need to plan a data provisioning infrastructure to secure sensitive files. Your plan must meet the following requirements:   èFiles must be stored in an encrypted format.   èFiles must be accessible by remote users over the Internet.   èFiles must be encrypted while they are transmitted over the Internet. What should you include in your plan?（）

• A、Deploy one Microsoft SharePoint Foundation 2010 site. Require users to access the SharePoint site by using a Secure Socket Transmission Protocol （SSTP） connection.
• B、Deploy two Microsoft SharePoint Foundation 2010 sites.Configure one site for internal users. Configure the other site for remote users. Publish the SharePoint sites by using HTTPS.
• C、Configure a Network Policy and Access Services （NPAS） server to act as a VPN server. Require remote users to access the files by using an IPsec connection to the VPN server.
• D、Store all sensitive files in folders that are encrypted by using Encrypting File System （EFS）. Require  remote users to access the files by using Secure Socket Transmission Protocol （SSTP）.

第3题：

Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do？（）

• A、Create an IPsec Enforcement Network policy.
• B、Create an 802.1X Enforcement Network policy.
• C、Create a Wired Network (IEEE 802.3) Group policy.
• D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.

第4题：

Your corporate network has a member server named RAS1 that runs windows server 2008. You configure RAS1 to use the routing and remote access service (RRAS). The companys remote access policy allows members of the domain users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do?（）

• A、Install the network policy server (NPS) on the RAS1 server.
• B、Create a remote access policy that requires users to authenticate by using SPAP.
• C、Create a remote access policy that requires uses to authenticate by using EAP-TLS.
• D、Create a remote access policy that requires uses to authenticate by using MS-CHAPv2.

第5题：

You have an Exchange Server 2010 organization.  The organization contains two servers named Server1 and Server2.  Server1 and Server2 have the Mailbox server role and the Hub Transport server role installed. Server 1 and Server2 are members of a database availability group （DAG）.  You need to plan the deployment of Client Access servers to meet the following requirements： .Users must be able to access their mailboxes if a single server fails .Users must not attempt to connect to a failed server  What should you include in your plan？（）

• A、On Server1 and Server2， install the Client Access server role. Implement failover clustering.
• B、On Server1 and Server2， install the Client Access server role. Configure network interface card （NIC） teaming on each server.
• C、Deploy two new Client Access servers. Implement load balancing by using DNS round robin.Create a Client Access server array.
• D、Deploy two new Client Access servers. Implement load balancing by using a Windows Network Load Balancing cluster. Create a Client Access server array.

第6题：

Your company has deployed Network Access Protection （NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  what should you do（）？ 

• A、Configure all access points as RADIUS clients to the Remediation Servers
• B、Configure all access points as RADIUS clients to the Network Policy Server （NPS）
• C、Create a Network Policy that defines Remote Access Server as a network connection method
• D、Create a Network Policy that specifies EAP-TLS as the only availible authentication method.

第7题：

Your network contains an Active Directory domain. You have a server that runs Windows Server 2008 R2 and has the Remote Desktop Services server role enabled. All client computers run Windows 7. You need to plan the deployment of a new line-of-business application to all client computers. The  deployment must meet the following requirements：   èUsers must access the application from an icon on their desktops.   èUsers must have access to the application when they are not connected to the network. What should you do？（）

• A、Publish the application as a RemoteApp.
• B、Publish the application by using Remote Desktop Web Access （RD Web Access）.
• C、Assign the application to the Remote Desktop Services server by using a Group Policy object （GPO）.
• D、Assign the application to all client computers by using a Group Policy object （GPO）.

第8题：

第9题：

第10题：

第11题：

Your company's corporate network uses Network Access Protection (NAP).Users are able to connect to the corporate network remotely.You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible. What should you do?（）

• A、Apply an IPsec NAP policy.
• B、Configure a NAP policy for 802.1X wireless connections.
• C、Configure VPN connections to use MS-CHAP v2 authentication.
• D、Restrict Dynamic Host Configuration Protocol (DHCP) clients by using NAP.

第12题：

Your corporate network has a member server named RAS1 that runs Windows Server 2008 R2. You configure RAS1 to use the Routing and Remote Access Services (RRAS).The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees.You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection.What should you do？（）

• A、Install the Network Policy Server (NPS) server role on RAS1.
• B、Create a remote access policy that requires users to authenticate by using SPAP.
• C、Create a remote access policy that requires users to authenticate by using EAP-TLS.
• D、Create a remote access policy that requires users to authenticate by using MS-CHAP v2.

第13题：

You need to design an e-mail access strategy for remote users. What should you do? （） 

• A、 Instruct remote users to connect to their e-mail by using RPC
• B、 Instruct remote users to connect to Outlook Web Access by using only HTTPS
• C、 Instruct remote users to connect to the company network by using PPTP connections
• D、 Instruct remote users to connectd to their e-mail by using RPC over HTTP Configure the HTTP servers to require encryption.

第14题：

Your corporate network has a member server named RAS1 that runs Windows Server 2008. You configure RAS1 to use the Routing and Remote Access Service （RRAS） The companys remote access policy allows members of the Domain Users group to dial in to RAS1. The company issues smart cards to all employees. You need to ensure that smart card users are able to connect to RAS1 by using a dial-up connection. What should you do？（）

• A、 Install the Network Policy Server （NPS） on the RAS1 server
• B、 Create a remote access policy that requires users to authenticate by using SPAP
• C、 Create a remote access policy that requires users to authenticate by using EAP-TLS
• D、 Create a remote access policy that requires users to authenticate by using MS-CHAP v2

第15题：

Your network contains two Active Directory sites named Site1 and Site2. Only Site1 can be accessed from the Internet. You have an Exchange Server 2010 organization.  You deploy a Client Access server in Site1 and enable Windows Integrated Authentication for OutlookWeb App （OWA）.  In Site2， you deploy a Mailbox server and a Client Access server.  You need to configure the Exchange organization to meet the following requirements： .Allow users to access their mailboxes from the Internet by using OWA  .Prevent authentication prompts from displaying when users connect to OWA by using domain- joinedcomputers that are connected to the internal network  What should you do？（）

• A、Modify the Exchange virtual directory on the Client Access server in Site1.
• B、Modify the Exchange virtual directory on the Client Access server in Site2.
• C、Modify the OWA virtual directory on the Client Access server in Site1.
• D、Modify the OWA virtual directory on the Client Access server in Site2.

第16题：

Your companys corporate network uses Network Access Protection （NAP）. Users are able to connect to the corporate network remotely. You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible.  What should you do（）？ 

• A、Apply an IPsec NAP policy.
• B、Configure a NAP Policy for 802.1x Wireless connections
• C、Configure VPN connections to use MS-CHAP v2 authentication
• D、Restrict Dynamic Host Configuration Protocol （DHCP） clients by using NAP

第17题：

Your network contains two Active Directory sites named Site1 and Site2. Only Site1 can be accessed from the Internet. You have an Exchange Server 2010 organization.  You deploy a Client Access server in Site1 and enable Windows Integrated Authentication for OutlookWeb App （OWA）.  In Site2， you deploy a Mailbox server and a Client Access server.  You need to configure the Exchange organization to meet the following requirements： .Allow users to access their mailboxes from the Internet by using OWA  .Prevent authentication prompts from displaying when users connect to OWA by using domain- joined computers that are connected to the internal network  What should you do？（）

• A、Modify the Exchange virtual directory on the Client Access server in Site1.
• B、Modify the Exchange virtual directory on the Client Access server in Site2.
• C、Modify the OWA virtual directory on the Client Access server in Site1.
• D、Modify the OWA virtual directory on the Client Access server in Site2.

第18题：

第19题：