What should you create?

Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Network Policy Server
server role installed.
You need to allow connections that use 802.1x.
What should you create?

Your network contains an Active Directory domain named contoso.com. The domain contains a
server named Server1 that runs Windows Server 2012 R2. Server1 has the Network Policy Server
server role installed.
You need to allow connections that use 802.1x.
What should you create?

A.
A network policy that uses Microsoft Protected EAP (PEAP) authentication

B.
A network policy that uses EAP-MSCHAP v2 authentication

C.
A connection request policy that uses EAP-MSCHAP v2 authentication

D.
A connection request policy that uses MS-CHAP v2 authentication

Explanation:
802.1X uses EAP, EAP-TLS, EAP-MS-CHAP v2, and PEAP authentication methods:
EAP (Extensible Authentication Protocol) uses an arbitrary authentication method, such as
certificates, smart cards, or credentials.
EAP-TLS (EAP-Transport Layer Security) is an EAP type that is used in certificate-based security
environments, and it provides the strongest authentication and key determination method.
EAP-MS-CHAP v2 (EAP-Microsoft Challenge Handshake Authentication Protocol version 2) is a
mutual authentication method that supports password-based user or computer authentication.
PEAP (Protected EAP) is an authentication method that uses TLS to enhance the security of other
EAP authentication protocols.
Connection request policies are sets of conditions and settings that allow network administrators to
designate which Remote Authentication Dial-In User Service (RADIUS) servers perform the
authentication and authorization of connection requests that the server running Network Policy
Server (NPS) receives from RADIUS clients. Connection request policies can be configured to
designate which RADIUS servers are used for RADIUS accounting.
With connection request policies, you can use NPS as a RADIUS server or as a RADIUS proxy, based
on factors such as the following:
The time of day and day of the week
The realm name in the connection request
The type of connection being requested
The IP address of the RADIUS client



Leave a Reply 2

Your email address will not be published. Required fields are marked *

5 × 2 =


dj

dj

Incorrect answer C.

B is the correct answer because Server1 will be doing the authentication, therefore it needs a Network policy. A connection request policy configures where to forward the authentication request to and there is no other NPS server acting as a RADIUS server in this scenario.

ramy nada

ramy nada

dj the answer is correct because the 802.1X uses EAP module