Your network contains a single Active Directory domain.
All domain controllers run Windows Server 2008 R2.
There are 1,000 client computers that run Windows 7and that are connected to managed switches.
You need to recommend a strategy for network accessthat meets the following requirements:
Users are unable to bypass network access restrictions.
Only client computers that have up-to-date service packs installed can access the network.
Only client computers that have up-to-date anti-malware software installed can access the network.
What should you recommend?
A.
Implement Network Access Protection (NAP) that uses DHCP enforcement.
B.
Implement Network Access Protection (NAP) that uses 802.1x enforcement.
C.
Implement a Network Policy Server (NPS), and enable IPsec on the domain controllers.
D.
Implement a Network Policy Server (NPS), and enable Remote Authentication DialIn User Service
(RADIUS) authentication on the managed switches.
Explanation:
NETWORK ACCESS PROTECTION ENFORCEMENT FOR 802.1X
Network Access Protection (NAP) enforcement for 802.1X port-based network access control is deployed by
using a server running Network Policy Server (NPS) and an Extensible Authentication Protocol (EAP) host
enforcement client component. With 802.1X port-based enforcement, the NPS server instructs an 802.1X
authenticating SWITCHor an 802.1X-compliant wireless access point (WAP) to control client access according
to connection request policy, network policy, and NAP health policy.
http://technet.microsoft.com/en-us/library/cc770861.aspx