Your network contains an Active Directory domain named contoso.com. The domain contains two servers
named Server1 and Server2 that run Windows Server 2012.
Server2 establishes an IPSec connection to Server1.
You need to view which authentication method was used to establish the initial IPSec connection.
What should you do?
A.
From Windows Firewall with Advanced Security, view the quick mode security association.
B.
From Event Viewer, search the Application Log forevents that have an ID of 1704.
C.
From Event Viewer, search the Security Log for events that have an ID of 4672.
D.
From Windows Firewall with Advanced Security, view the main mode security association.
http://www.it.cornell.edu/services/managed_servers/howto/ipsec.cfm
Answer D
D
D
http://technet.microsoft.com/en-us/library/dd448497