What should you configure on each server?

HOTSPOT

Your network contains an Active Directory domain named contoso.com. The domain contains two
servers named Server1 and Server2. Server1 has the Network Policy Server server role installed.
Server2 has the DHCP Server server role installed. Both servers run Windows Server 2012 R2.
You are configuring Network Access Protection (NAP) to use DHCP enforcement.
You configure a DHCP scope as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that non-compliant NAP clients receive different DHCP options than compliant
NAP clients.
What should you configure on each server? To answer, select the appropriate options for each
server in the answer area.

HOTSPOT

Your network contains an Active Directory domain named contoso.com. The domain contains two
servers named Server1 and Server2. Server1 has the Network Policy Server server role installed.
Server2 has the DHCP Server server role installed. Both servers run Windows Server 2012 R2.
You are configuring Network Access Protection (NAP) to use DHCP enforcement.
You configure a DHCP scope as shown in the exhibit. (Click the Exhibit button.)

You need to ensure that non-compliant NAP clients receive different DHCP options than compliant
NAP clients.
What should you configure on each server? To answer, select the appropriate options for each
server in the answer area.

Answer: See the explanation

Explanation:
Health Policies
Server Options
* Health policy on the NAP server.
* The DHCP server must be NAP enabled.

Note: With DHCP enforcement, a computer must be compliant to obtain an unlimited access IP
address configuration from a DHCP server. For noncompliant computers, network access is limited
by an IP address configuration that allows access only to the restricted network. DHCP enforcement
enforces health policy requirements every time a DHCP client attempts to lease or renew an IP
address configuration. DHCP enforcement also actively monitors the health status of the NAP client
and renews the IPv4 address configuration for access only to the restricted network if the client
becomes noncompliant.

Show Hint

Leave a Reply 6

Your email address will not be published. Required fields are marked *

ten − eight =

asd

asd

Wrong answer, as per screenshot NAP is already enabled for the DHCP Scope. The next step would be defining both Healthy/Unhealthy policies.

Reply

dfgdgfdgf

dfgdgfdgf

Server1: Health Policies

Server2: A policy

Not Server options, which is irrelevant, NAP is already enabled on the scope, next policies based off the NAP user class must be created so that healthy/unhealthy scopes can be defined.

Reply

jay z

jay z

^ a policy for server two is correct for windows 2012…

Reply

figaro

figaro

Scope options on Server2
ExamRef 70-411, p253
“On DHCP server, select the properties for the DHCP scope on which you want to enforce NAP and enable Network Address Protection settings for the scope …”

Reply

Chris

Chris

As stated by others Health Policy would be set on Server 1.
On Server2, the Scope options would be set. Example: Scope1 would have NAP enabled for the scope in the Scope Properties\Network Access Protection Tab. A second scope Scope2 would have NAP disabled for the scope and would assign and IP from a subnet with limited network access.

Reply