Topic 2
2, Weyland Technical Solutions (WTS) Ltd.
Company Background
Weyland Technical Solutions is an IT company who provide hosted or managed services to small
to medium-sized companies in central USA
The company is located in a single site in Weyland,
Kansas.
The company currently has 1500 employees.
Existing Environment
Existing Active Directory Environment
The network consists of a single Windows Server 2008 R2 Active Directory Domain Services (AD
DS) domain named WTSltd.com. The forest functional level is Windows Server 2008.
The network contains four physical domain controllers. All domain controllers are configured as
DNS Servers.
Network Infrastructure
The network is divided into four subnets. All servers are located in a data center located in the
WTS site.
The data center includes the following servers:
Four physical Windows Server 2008 R2 DHCP Servers.
Eight physical Windows Server 2008 R2 file servers.
Six physical Windows Server 2008 R2 print servers.
Four physical Windows Server 2008 R2 domain controllers.
One physical Windows Server 2008 R2 HyperV host server.
All client computers run either Windows 7 or Windows 8.
Business Requirements
Planned Changes
Deploy new Windows Server 2012 Hyper-V host servers.
Implement a VPN solution for external workers.
Implement RADIUS authentication for the VPN connections.
Implement Network Access Protection (NAP).
Implement Active Directory Recycle Bin
Technical Requirements
Weyland Technical Solutions has the following technical requirements:
Migrate all servers to Windows Server 2012.
Virtualize existing physical servers where possible.
Deploy virtual domain controllers using virtual machine cloning.
DHCP IP address leases must be logged centrally.
Centrally manage Network Access Protection (NAP) policies.
************************************************************
You work for a company named Testking.com. Your role of Network Administrator includes the
management of the companys Windows 2012 Active Directory Domain Services (AD DS) domain.
All servers in the network run Windows Server 2012. All client computers run either Windows 7 or
Windows 8.
You are implementing Network Access Protection (NAP) in the network. You need to create a
policy that allows only client computers that have up-to-date security patches to connect to
network servers and the Internet. All non-compliant client computers should only be able to
connect to a server running Window Server Update Services (WSUS) to download the required
updates.
You divide the network into three VLANs. You place the WSUS server in one VLAN. You place
all client computers in another VLAN. You then place all network servers into a third VLAN. Only
the third VLAN can connect to the Internet.
You need to restrict client computers access to either the VLAN containing the WSUS server or
the VLAN containing the other network servers according to their security update policy
compliance.
You need to configure a Network Access Protection (NAP) enforcement method.
Which NAP enforcement method should you use?
A.
You should configure NAP Enforcement for 802.1X.
B.
You should configure NAP Enforcement for VPN.
C.
You should configure NAP Enforcement for DHCP.
D.
You should configure NAP Enforcement for Terminal Services.
E.
You should configure NAP Enforcement for IPSec Communications.