The ABC.com network consists of a single Active Directory domain named ABC.com. All servers
on the ABC.com network run Windows Server 2003 and all client computers run Windows XP
Professional.
All client computers are located in an organizational unit named ABC-Clients. All servers are
located in an organizational unit named ABC-Servers.
Several servers host sensitive data. A new ABC security policy states that communications with
those servers should be encrypted whereas communications with other servers should remain
unencrypted.
The Default Domain group policy has the default Client (Respond only) IPSec policy enabled. A
GPO with a custom IPSec policy is applied to the ABC-Servers OU.
While monitoring network connections, you find that no encryption is applied to network
communications.
How would you examine the policies that are being applied to the servers that contain sensitive
data?
A.
Use an RSoP logging mode query and specify the name of a server that contains sensitive
data.
B.
Examine the System Event Logs using Event Viewer to see which GPOs have been applied.
C.
Examine the properties of the ABC-Servers OU in Active Directory Users and Computers.
D.
Use Network Monitor to capture the data packets on the network card of a server containing
sensitive data.
Explanation:
You can use RSoP to view all the effective group policy settings for a computer or
user, including the IPSec policies. To use RSoP, you must first load the snap-in into an MMC
console, and then perform a query on a specific computer (select Generate RSoP Data from the
Action menu), specifying the information you want to gather. The result is a display of the group
policy settings that the selected computer is using.
You can run an RSoP logging mode query to view all of the IPSec policies that are assigned to an
IPSec client. The query results display the precedence of each IPSec policy assignment, so that
you can quickly determine which IPSec policies are assigned but are not being applied and which
IPSec policy is being applied.
When you run a logging mode query, RSoP retrieves policy information from the WMI repository
on the target computer, and then displays this information in the RSoP console. In this way, RSoP
provides a view of the policy settings that are being applied to a computer at a given time.
Reference:
Craig Zacker, MCSE Self-Paced Training Kit (Exam 70-293): Planning and Maintaining a Microsoft
Windows Server 2003 Network Infrastructure, Microsoft Press, Redmond, Washington, Chapter 12
Martin Grasdal, Laura E. Hunter, Michael Cross, Laura Hunter, Debra Littlejohn Shinder, and Dr.
Thomas W. Shinder, Planning and Maintaining a Windows Server 2003 Network Infrastructure:
Exam 70-293 Study Guide & DVD Training System, Syngress Publishing, Inc., Rockland, MA,
Chapter 10, pp. 768