Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that has the Remote Access server role
installed. DirectAccess is implemented on Server1 by using the default configuration. You discover that DirectAccess clients do not use DirectAccess when
accessing websites on the Internet. You need to ensure that DirectAccess clients access all Internet websites by using their DirectAccess connection. What should
you do?
1. Disable the DirectAccess Passive Mode policy setting in the DirectAccess Client Settings Group Policy object (GPO).
2. Configure a DNS suffix search list on the DirectAccess clients.
3. Enable the Route all traffic through the internal network policy setting in the DirectAccess Server Settings Group Policy object (GPO).
4. Configure DirectAccess to enable force tunneling.
Answer: Pending
Correct answer is 4. Configure DirectAccess to enable force tunneling.
In Server 2012 R2, there is no need to modify GPOs.
Force tunneling can be enabled even after DA deployment by simply rerunning the ‘Configure Remote Clients Wizard’ section of the deployment within Remote Access Management Console GUI.
https://technet.microsoft.com/en-us/library/jj134204(v=ws.11).aspx#BKMK_forcetunnel
“To make Internet resources available to DirectAccess clients that use force tunneling”