You are an Enterprise administrator for contoso.com. The corporate network of the company consists of a single Active Directory domain. All the servers on the network run Windows Server 2008 and all client computers run Windows Vista and Microsoft Office Outlook 2007.
The corporate network run two file servers, one database server on TCP port 47182, and Microsoft Exchange Server 2007 servers. The company has many mobile users and you have been asked to provide them the remote access to the corporate network.
You have been told that the remote users work from locations that only support access to the Internet by using HTTP and HTTPS.
Which of the following options would you choose to ensure that remote users are able to establish secure connections to the network and are able to access the database and file servers and e-mail ? (Select two. Each selected option will present a part of the answer.)
A.
Upgrade all client computers to Windows Vista Service Pack 1.
B.
Implement Outlook Anywhere for Exchange Server 2007.
C.
Deploy Connection Manager Administration Kit (CMAK) profiles to the client computers
D.
Implement a VPN solution that uses Layer Two Tunneling Protocol (L2TP).
E.
Implement a VPN solution that uses Point-to-Point Tunneling Protocol (PPTP).
F.
Implement a VPN solution that uses Secure Socket Tunneling Protocol (SSTP).
Explanation:
To ensure that remote users are able to establish secure connections to the network and are able to access the database server and file servers and have access to e-mail, you need to upgrade all client computers to Windows Vista Service Pack 1 and implement a VPN solution that uses Secure Socket Tunneling Protocol (SSTP)
Windows Vista Service Pack 1 and Windows Server 2008 now include a new VPN technology called Secure Socket Tunneling Protocol (SSTP), which is designed to make secure remote access very easy. SSTP is designed to enable VPN tunneling for virtually any scenario. You can use it behind a NAT, across a firewall, through a Web proxy – as long as TCP port 443 is open (which it usually is for HTTPS traffic).
SSTP is more than just another SSL-based VPN that only works with Web clients. It’s fully integrated into the remote access architecture of Windows, which means you can use it with Winlogon authentication or with strong authentication such as smart card or RSA SecurID; or, you can create and manage CMAK profiles, remote access policies, and the like. Plus, it uses only one HTTPS channel between the SSTP client (Windows Vista) and the SSTP server (Windows Server 2008) for each SSTP VPN connection, which makes it straightforward to load-balance SSTP sessions across servers.
Reference: SSTP Makes Secure Remote Access Easier http://biztechmagazine.com/article.asp?item_id=377