Where is the default connection policy set to process all authentication requests?
on the domain controller
at the RADIUS proxy server
locally
in a separate database
Network policies determine what two important connectivity constraints?
who is authorized to connect
the DHCP server for the connection
the DNS server for the connection
the connection circumstances for connectivity
When should you not use the command-line method of exporting and importing the NPS configuration?
when the source NPS server and target NPS servers are on different IP subnets
when the source NPS database has a higher version number than the version number of destination NPS database
when the source NPS server and target NPS servers are different versions of Windows Server
when your network policy forbids the export of the NPS configuration
To which type of file do you export an NPS configuration?
TXT
DOC
XML
NPS
When the Remote Access server finds an NPS network policy with conditions that match the incoming connection attempt, the server checks any _______________ that have been configured for the policy
realms
constraints
options
permissions
Why would you set up a monitor-only NAP policy on your network?
You don't want to force updates, which may include reboots, on client computers.
You are testing your NAP rollout before implementation
You want to track compliance but not enforce it
You are afraid that enforcement would violate privacy
Identify two remediation server types
Anti-virus/anti-malware servers
Software update server
Terminal servers
RRAS servers
What type of Active Directory domain controller is recommended to minimize security risks for remediation servers?
Windows Server 2012
Windows Server 2008 R2
read-only
updated and compliant
Because NAP is provided by __________, you need to install _________ to install NAP.
NPS, NPS
DNS, NPS
DHCP, NPS
AD, NPS
Which of the following is the strongest type of encryption?
MPPE 40-Bit
MPPE 56-Bit
MPPE 128-Bit
No Encryption
Why do you need a web server as part of your NAP remediation infrastructure?
to provide user information in case of a compliance failure
to provide Internet access to users who fail compliance
to redirect user requests for restored network access
to further assess how far out of compliance a user system is
Network Access Protection (NAP) is Microsoft's software for controlling network access of computers based on what?
a computer's IP address and VLAN
a computer's overall health
a computer's Windows version
a computer's network functionality (role)
Where do you look to find out which computers are blocked and which are granted access via NAP?
the local system's Event Viewer
the AD Event Viewer
the RADIUS Server Event Viewer
the NAP Server Event Viewer
Which two of the following are Routing and Remote Access IP settings?
Server Must Request an IP Address
Client May Request an IP Address
Server Must Supply an IP Address
Client Must Supply an IP Adddress
An NPS policy is a set of permissions or restrictions that determine what three aspects of network connectivity?
who, what, and where
who, when, and how
who, when, and where
who, how, and how long
Identify the correct NPS templates. Select all that apply.
Shared Secrets
NPS FIlters
Health Policies
RADIUS Clients
Health policies are connected to what two other policies?
compliance policies
network policies
connection request policies
performance policies
When you fully engage NAP for remediation enforcement, what mode do you place the policy in?
enforcement
isolation
assessment
compliance
You should restrict access only for clients that don't have all available security updates installed if what situation exists?
the computer are-running NAP
the computers are running SHA
the computers are running Windows Update
the computers are running anti-virus software
Network Access Policy is part of which larger scope NPS policy?
connection request
network
Health
realm
What is the last setting in the Routing and Remote Access IP settings?
the number of assigned IP addresses
which DHCP server will supply the request
which NPS server to connect to
how IP addresses are assigned
What command-line utility is used to import and export NPS templates?
dnscmd
netsh
msconfig
net
Which Routing and Remote Access IP setting is the default setting?
assign a static IP address
Server Settings Determine IP Address Assignment
server must connect to the assigned realm
client may request a specific DNS server
why is maintaining system health so important?
for hardware and software upgrade purposes
to track and prevent system failures
to prevent illegal downloading
to maintain a safe computing environment
Why is there a No Encryption option for network connections?
to accommodate devices (clients) that don't support encryption
to test connectivity before applying an encryption scheme
to allow for third-party encryption programs that might be incompatible with native encryption
to allow certain trusted connections to remain unencrypted
Which variable can be set to authorize or deny a remote connection?
group membership
bandwidth limitations
corporate status
job role
To verify a NAP client's configuration, which command would you run?
netsh nap show state
netsh nap client show state
netsh nps nap show state
netsh nps nap agent state
What happens to a computer that isn't running Windows Firewall?
The computer is isolated
the computer is powered off
a server message is sent to the computer
an event is logged
Which two components must a NAP client have enabled in order to use NAP?
DHCP client
windows update
Security Center
NAP Agent
What is the purpose of the System Health Agent (SHA)?
to provide feedback to the system for CPU, memory, and disk health
to provide feedback to the security health validator (SHV)
to provide feedback on the status of system protection and updates
to provide feedback on the overall critical performance to a central collector
When enabling NAP for DHCP scopes, how should you roll out the service?
all at once
on test systems only
for individual DHCP scopes
for individual computers
