You work as the enterprise administrator at ABC.com. ABC.com has a domain named ABC.com. The ABC.com network servers run Microsoft Windows Server 2008 and the client computers run Microsoft Windows Vista. ABC.com has a computer named ABC-SR12 configured to host the Windows Server Update Services (WSUS) service.
During the course of the day ABC.com configured the network users to obtain and download updates from ABC-SR12.
How would you configure ABC-SR12 ensuring communication to and from ABC-SR12 is encrypted?
A.
By configuring and using Integrated Windows Authentication (IWA).
B.
By disabling Basic Authentication setting on ABC-SR12.
C.
By configuring and using SHA encryption on the web site.
D.
By enabling Active Directory Client Certificate Authentication on ABC-SR12.
E.
By configuring and using Internet Protocol Security (IPSec) on the Web site.
Explanation:
To make sure of the encryption, you need to configure IIS to disable anonymous access to the ServerSyncWebService virtual directory. After that you need to select Integrated Windows authentication.SSL encryption will not work. This means that the entire traffic must be encrypt, whereas WSUS only encrypts metadata traffic.
Reference: Plan and Assess: Using Windows Server Update Services (WSUS)
http://technet.microsoft.com/en-us/updatemanagement/bb245871.aspx