|
Home > Archive > 70-068 enterprise > November 2000 > Ians Q164, 165, 166, 167
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Ians Q164, 165, 166, 167
|
|
|
| Can anyone please tell me the correct answers to the RAS scenario Q's 164, 165, 166, 167 from Ian's dump.
Iam taking the exam in a week and am very confused. | |
|
| Ok Sunny100 pls post or email me the questions and I will explain the correct answers.
------------------
Yeti-GBR1
MCNE MCPx3 SCO ACE LCD Compaq ASE (Wannabe CCIE)
email: Yeti@zerg.com
http://www.mcse2000.plus.com
Yes I'm a Blizzard Brood War Veteran. | |
|
| I think (from what I remember) the questions were RAS related, and getting a certain group to be able to dial in, with optionals being password and data encryption.
The thing to look for in them is that they check the button to enable data encryption. By default MS uses Microsoft encryption automatically for all passwords, so that one would be set. But if they don't check off data encryption, it won't happen... keep that in mind. PW's = Automatically encrypted (unless you choose "any authentication including clear text") Data is not automatically encrypted, you have to set it.
Of course, I could be wrong. But I'm pretty sure of this.
-Kenny
MCP (Wkstation, Server) CNA
Studying my rump off for Enterprise! | |
|
| im glad someone else is have a time with these questions...hope im not too late!!
according to petri and rav's version of ian's dump...IF the client is using NT4.0, 95, or 3.11, the security automatically defaults to MS encrypted, which will include
both data and P/W...the extra checkbox for require data encryption is for additional non-MS client security....i dunno..petri and
rav are two very trustworthy sources...can anyone else take a stab at this??? im confused as heck and would really like to hear other opinions!!!  | |
|
| Backing up a quick sec:
Q163:
According to Microsoft's Curricullum, (pg 360-361 of the Supporting MS Win NT Server 4.0 Enterprise technologies), RAS is designed to Avoid answer A, B, & D.
The answer really is not 'C' either, but it is the best of the worst. RAS supports pass-through authentification (OR as I summrize from the text, DUN + RAS allows 'Transparent network connection & resource access'), but you must allow DUN users to EITHER 'access this machine only' OR 'access the entire network'...
Q164:
No provision is made in the solution to allow anyone to dial in. By default, users CAN NOT dial into NT. You must give them the permission. Notice that Q165 DOES have the provision to "...configure it... so only brokers have permission to log in"It seems to much to read in that RAS access has been configured for the broker accounts... I vote D.
If it is to be assumed, then B. seems the best. The brokers use NT workstaions. NT DUN, by default, is set to use MS encrypted authentification. Also, the 'allow clear text option' will allow encrypted access if the client WS is set to use it. Since this is set on the clients as a default configuration, 'a method' to protect passwords is estabilshed, ie:
Configure DUN for Brokers on NT WS's
The arguement can be made for C in that clear-text pasword CAN be used, should someone choose to log in using clear-text....
Q 165:
B is correct as (and this speaks to Q164 also) by default, when using MS encrypted PW's, you CAN also choose (But is not choosen by default) to use Data encryption also...
Q 166:
In this case encryption was enabled. As call-back security has been enabled for the brokers, they have been configured to have dial-in access. As I recall, by default, call-back allows the user to choose the number to be called back at. This can be restricted by specifing a required call-back number (such as the home phone) which increases the security by limiting dial-in access.
Q167:
etc...
Q 168:
This question looks bogus. Answers A-C are not correct.
A: Encryption must be set globally for all users. You can set it to the "lowest common-denominator" security level
(i.e. allowing clear-text or non-MS encryption would still allow NT WS's that dial in using MS encryption to use this higher encyption level)
so if the client is set to use security it will be used.
B: According to my MS offical curriculm book, the settings in question apply to ALL ports. This is set gloabally for each RAS server.
C: Again, encryption can not be set for particular user accounts. It is a global setting.
D: The answer by default... again, the best of the worst.
Q169: FYI: RAS is built to support NetBIOS. As mentioned my Caldazar in his edit, IPX would need to be checked on the list if it is to be used as a communication protocol. Since it is not, 'C' is wrong.
Q171: Key Concepts:
PSTN (ie Regular telephone line): For conveneance (available everywhere), but slow
ISDN: For speed
X.25 : For packet-switching on a dial-up connection (expensive!)
PPTP: Dial into the internet using PPP via PSTN (for example) and "securely" 'Tunnel' though the Internet to your
Network, saving a long-distance phone call. This is a type of VPN.
This is my 2c Hope it helps. Taking this exam tommorrow!
------------------
Know why the other
answers are wrong |
|
|
|
|