Which two settings should you configure?

Your network contains an Active Directory domain named adatum.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured
as a Network Policy Server (NPS) server and as a DHCP server.

You need to ensure that only computers that send a statement of health are checked for
Network Access Protection (NAP) health requirements.
Which two settings should you configure? (Each correct answer presents part of the solution.
Choose two.)

Your network contains an Active Directory domain named adatum.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2. Server1 is configured
as a Network Policy Server (NPS) server and as a DHCP server.

You need to ensure that only computers that send a statement of health are checked for
Network Access Protection (NAP) health requirements.
Which two settings should you configure? (Each correct answer presents part of the solution.
Choose two.)

A.
The Called Station ID constraints

B.
The MS-Service Class conditions

C.
The Health Policies conditions

D.
The NAS Port Type constraints

E.
The NAP-Capable Computers conditions

Explanation:
http://technet.microsoft.com/en-us/library/cc753603.aspx
http://technet.microsoft.com/en-us/library/cc731220(v=ws.10).aspx
http://technet.microsoft.com/en-us/library/cc731560.aspx



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Ex

Ex

Correct answers are : C,E.

You need to ensure that only computers that send a statement of health are checked for
Network Access Protection (NAP) health requirements. So you need to set NAP-Capable Computers condition for Network policy.
Also you need to configure Health policies for Network policy to ensure that computers are checked for healt requirements.

These conditions are Connection request policy conditions :

The Called Station ID constraints – Allows you to specify the telephone number of the dial-up server that clients are allowed to use to access the network.

The NAS Port Type constraints – Allows you to specify the access media types that are allowed for users to connect to the network.
Allows you to specify the type of media used by the client computer to connect to the network. For example, if you specify Ethernet, the client computer must be
accessing the network over the media type of Ethernet. If you specify a media type and the client computer is connecting to the network over a different media type,
the conditions of the policy are not met. For example, if the designated media type is Wireless – IEEE 802.11 and the client computer is attempting to connect to
the network with a media type of Virtual (VPN), the conditions of the policy are not met.

These conditions are Network policy conditions :

NAP-Capable Computers – Restricts the policy to either clients that are capable of participating in NAP or clients that are not capable of participating in NAP.
This capability is determined by whether the client sends a SoH to NPS.

The MS-Service Class conditions – Restricts the policy to clients that have received an IP address from a DHCP scope that matches the specified DHCP profile name.
This condition is used only when you are deploying NAP with the DHCP enforcement method.

Health Policies – Restricts the policy to clients that meet the health criteria specified in the health policy. For example, you might have two Health Policies
that you have configured using the Windows SHV — one health policy created for circumstances where client computers pass all health checks and one policy created
for circumstances where client computers fail all health checks specified in the Windows SHV. If you select the health policy that designates that all client
computers must pass all health checks, the SoH sent to NPS from NAP agent on the client computer must state that the client passed all health checks required by
the Windows SHV in order for the conditions of the network policy to be met.