What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com. The domain
contains multiple sites. You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate
network from the Internet, all of the traffic destined for the Internet must be routed through
the corporate network.

You need to recommend a solution for the planned DirectAccess deployment that meets the
security policy requirement.
What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com. The domain
contains multiple sites. You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate
network from the Internet, all of the traffic destined for the Internet must be routed through
the corporate network.

You need to recommend a solution for the planned DirectAccess deployment that meets the
security policy requirement.
What should you include in the recommendation?

A.
Set the ISATAP State to state enabled.

B.
Enable split tunneling.

C.
Set the ISATAP State to state disabled.

D.
Enable force tunneling.

Explanation:
http://blogs.technet.com/b/csstwplatform/archive/2009/12/15/directaccess-how-to-configureforcetunneling-forda-so-that-client-are-forced-to-use-ip-https.aspx
You can configure DirectAccess clients to send all of their traffic through the tunnels to the
DirectAccess server with force tunneling. When force tunneling is configured, DirectAccess
clients that detect that they are on the Internet modify their IPv4 default route so that default
route IPv4 traffic is not sent. With the exception of local subnet traffic, all traffic sent by the
DirectAccess client is IPv6 traffic that goes through tunnels to the DirectAccess server.



Leave a Reply 0

Your email address will not be published. Required fields are marked *