Your network contains an Active Directory domain named contoso.com. The domain contains three VLANs. The VLANs are configured as shown in the following
table.
All client computers run either Windows 7 or Windows 8.
The corporate security policy states that all of the client computers must have the latest security updates installed.
You need to implement a solution to ensure that only the client computers that have all of the required security updates installed can connect to VLAN 1. The
solution must ensure that all other client computers connect to VLAN 3.
Solution: You implement the IPsec enforcement method.
Does this meet the goal?
A.
Yes
B.
No
Explanation:
Note: NAP enforcement for IPsec-protected traffic works by providing X.509 certificates, called health certificates, to client computers that meet network health
requirements. Health certificates are used to authenticate NAP client computers when they initiate IPsec-protected communications with other computers.
Computers that are noncompliant with health requirements do not have health certificates. If a computer that does not have a health certificate initiates
communication with a computer that has a health certificate, the connection is not allowed. In this way, NAP with IPsec enforcement restricts noncompliant
computers from accessing IPsec-protected resources on the network. Because IPsec controls host access on a per- connection basis, IPsec enforcement provides
the strongest form of NAP enforcement.
I doubt yes/no questions will be on the exam…
Don’t Study Dumps dude….
Why are you here?
why not study dumps? in my 15 years of working I have never encountered anything like what I read here except for basic questions like WDS. Tests should be interactive where they give you a scenario to accomplish. These tests are stupid and should not be taken seriously