DRAG DROP
Your network contains an Active Directory domain named adatum.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured
as a Network Policy Server (NPS) server and as a DHCP server.
You need to log all DHCP clients that have windows Firewall disabled.
Which three actions should you perform in sequence? To answer, move the three
appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer: 
Explanation:
http: //technet.microsoft.com/es-es/library/dd314198%28v=ws.10%29.aspx
http: //technet.microsoft.com/es-es/magazine/2009.05.goat.aspx
http: //technet.microsoft.com/es-es/library/dd314173%28v=ws.10%29.aspx
http: //ripusudan.wordpress.com/2013/03/19/how-to-configure-nap-enforcement-for-dhcp/
http: //technet.microsoft.com/es-es/magazine/2009.05.goat.aspx
http: //technet.microsoft.com/en-us/library/dd125379%28v=ws.10%29.aspx
http: //technet.microsoft.com/en-us/library/cc772356%28v=ws.10%29.aspx* With NPS, you can create client health policies using SHVs that allow NAP to detect,
enforce, and remediate client computer configurations.
WSHA and WSHV provide the following functionality for NAP-capable computers:
The client computer has firewall software installed and enabled.
* Example measurements of health include:
The operational status of Windows Firewall. Is the firewall enabled or disabled?
In NAP terminology, verifying that a computer meets your defined health requirements is
called health policy validation. NPS performs health policy validation for NAP.
http://technet.microsoft.com/en-us/library/cc772356(v=ws.10).aspx
You need connection request policies too.
Every question gets stupider and stupider. No wonder people fail this exam five times in a row.
dont
“Server1 is configured as a Network Policy Server (NPS) server and as a DHCP server.” When NPS and DHCP are stored on the same server, you don’t configure connection request policies.
Agree, the question is stupid. This is the thing: It doesn’t say that you need to establish the connection (connection request policy is a RADIUS, or authentication bit), for all we know a connection already exists. How do we know? Because we need the other tree options, so therefore on the guessing game, we are forced to guess that this is already taken care of in order to have enough slots for our three needed options.
What I’m not clear on is the order in which they are being picked. Can somebody explain why this order?
For someone who is commenting on a lot of these questions sysadmin seems to know very little. Questions are for people doing exam prep after training not before.
I hate it when they pick over the order of things it is utter BS! During the creation of some of the policies you can create others in it any way. For example when creating a network policy you can choose to create a new health policy. Or you can pick an already created health policy when creating a network. Does it matter what was created first, clearly not!! Also if you wish to do a full setup from scratch there is a wizard that will do it all for you.
The answer given is actually the correct one: since we do not need a connection request policy (since we are not asked to forward the accounting anywhere) and a remediation group policy (because it has nothing to do with accounting), and we have to pick 3 options, the only proper order we can use is the one provided.
Tested in the lab, don’t have any issues with the answer.
I think its connection request bacuse only there, accounting options are available
default policy works, no need for a new one. accounting was not part of question, just “logging”, I assume NPS is configured appropriately