All servers on your network run Windows Server 2008 R2. You deploy Remote Desktop
Services (RDS). You are configuring the Remote Desktop Session Host (RD Session Host)
role service. You need to ensure that authentication occurs before the Remote Desktop
Connection logon screen appears. What should you do?
A.
In the Group Policy Object Editor, configure the Set TS Gateway authentication method
setting to Use smart card.
B.
In the Group Policy Object Editor, configure the Set TS Gateway authentication method
setting to Use locally logged-on credentials.
C.
In the RD Session Host Configuration tool, select the Allow connections from computers
running any version of Remote Desktop option.
D.
In the RD Session Host Configuration tool, select the Allow connections only from
computers running Remote Desktop with Network Level Authentication option.
Explanation:
Network Level Authentication is an authentication method that can be used to enhance RD
Session Host server security by requiring that the user be authenticated to the RD Session
Host server before a session is created.Network Level Authentication completes user authentication before you establish a remote
desktop connection and the logon screen appears. This is a more secure authentication
method that can help protect the remote computer from malicious users and malicious
software. The advantages of Network Level Authentication are:
It requires fewer remote computer resources initially. The remote computer uses a limited
number of resources before authenticating the user, rather than starting a full remote
desktop connection as in previous versions.
It can help provide better security by reducing the risk of denial-of-service attacks.
To use Network Level Authentication, you must meet the following requirements:
The client computer must be using at least Remote Desktop Connection 6.0.
The client computer must be using an operating system, such as Windows 7, Windows
Vista, or Windows XP with Service Pack 3, that supports the Credential Security Support
Provider (CredSSP) protocol.
The RD Session Host server must be running Windows Server 2008 R2 or Windows Server
2008.