Which Network Access Protection (NAP) enforcement method should you implement?

Your network contains an Active Directory domain named contoso.com. The domain contains three
VLANs. The VLANs are configured as shown in the following table.

All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates
installed.
You need to implement a solution to ensure that only the client computers that have all of the required
security updates installed can connect to VLAN 1. The solution must ensure that all other client
computers connect to VLAN 3.
Which Network Access Protection (NAP) enforcement method should you implement?

Your network contains an Active Directory domain named contoso.com. The domain contains three
VLANs. The VLANs are configured as shown in the following table.

All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates
installed.
You need to implement a solution to ensure that only the client computers that have all of the required
security updates installed can connect to VLAN 1. The solution must ensure that all other client
computers connect to VLAN 3.
Which Network Access Protection (NAP) enforcement method should you implement?

A.
VPN

B.
DHCP

C.
IPsec

D.
802.1x

Explanation:
The most common method of the list is 802.1x for a variety of reasons. First, the industry has been
selling 802.1x network authentication for the last 10 years. 1x gained tremendous popularity as wireless
networking became prevalent in the late 90’s and early 2000’s and has been proven to be a viable
solution to identifying assets and users on your network. For customers that have invested in 802.1x
capable switches and access points, NAP can very easily be implemented to complement what is already
in place. The Network Policy Server (NPS) role
Windows Server 2008 has been dramatically improved to make 802.1x policy creation much simpler to
do. Network Access Protection Using 802.1x VLAN’s or Port ACLs – Which is right for you?
http://blogs.technet.com/b/wincat/archive/2008/08/19/network-access-protection-using-802-1x-vlan-sor-port-acls-which-is-right-for-you.aspx



Leave a Reply 2

Your email address will not be published. Required fields are marked *


Rogue

Rogue

I don’t know that I agree with the given answer. I would have though DHCP to be the correct choice.

zipt

zipt

Nope. DHCP either assigns you an IP address or doesn’t.ONLY 802.1x can redirect to different Vlans based on computer health