Home > Archive > 70-216 > August 2002 > Pavlov's Sat 70-216 Question of the Day





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Pavlov's Sat 70-216 Question of the Day
wbafrank

2002-08-03, 2:28 pm

 And today's poser is ....

Q24. You wish to install a VPN server on one of the Windows 2000 servers that exist within your organization. The server has an Ethernet card that is connected to a cable modem which in turn is connected via an ISP to the Internet. The server also has another Ethernet card that is connected to the local intranet. You wish to secure the VPN server from sending or receiving any traffic on its Internet interface, except for PPTP or L2TP over IPSec traffic from branch office routers or remote access clients. Which of the following should you do?

A. Configure PPTP and L2TP over IPSec input and output filters on the Internet interface.

B. Configure a remote access policy that only authenticates members of a specific group called "VPN Users" to use the internet interface.

C. Configure a remote access policy that only authenticates the traffic from the Internet that conforms to specific IP ranges.

D. Configure PPTP and L2TP over IPSec input and output filters on the intranet interface.

Good Luck .... see you tomorrow for the answer!!
Pavlov

2002-08-03, 4:14 pm

Hmmm... another good question... http://www.uniquehardware.co.uk/server-smilies/ups/sicdeth/headscratch.gif

B
unreal

2002-08-03, 6:48 pm

It should be 'B'
Deja-vue

2002-08-03, 8:15 pm

B
wbafrank

2002-08-04, 7:40 am

quote:
Originally posted by wbafrank
And today's poser is ....

Q24. You wish to install a VPN server on one of the Windows 2000 servers that exist within your organization. The server has an Ethernet card that is connected to a cable modem which in turn is connected via an ISP to the Internet. The server also has another Ethernet card that is connected to the local intranet. You wish to secure the VPN server from sending or receiving any traffic on its Internet interface, except for PPTP or L2TP over IPSec traffic from branch office routers or remote access clients. Which of the following should you do?

A. Configure PPTP and L2TP over IPSec input and output filters on the Internet interface.
B. Configure a remote access policy that only authenticates members of a specific group called "VPN Users" to use the internet interface.
C. Configure a remote access policy that only authenticates the traffic from the Internet that conforms to specific IP ranges.
D. Configure PPTP and L2TP over IPSec input and output filters on the intranet interface.


And the answer is ....

Correct Answer: A

PPTP and L2TP over IPSec input and output filters need to be configured on the Internet interface. Configuring them on the intranet interface will not secure the Internet interface from receiving and sending traffic other than that specified. You would not use a remote access policy to do this sort of protocol filtering.
Deja-vue

2002-08-04, 7:46 am

Are you sure, frank???
wbafrank

2002-08-04, 8:12 am

quote:
Originally posted by Deja-vue
Are you sure, frank???


Have a read of this white paper VPNScenario.doc which you will need to download from:

http://www.microsoft.com/windows200...vpnscenario.asp
unreal

2002-08-04, 8:43 am

LOL... what a 'kick- s ' question, really caught me off-guard - Good-one
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net