|
Home > Archive > 70-216 > September 2002 > Thur. - 9/26 - QOD
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Thur. - 9/26 - QOD
|
|
| Pavlov 2002-09-26, 8:57 am |
| You are the administrator for a Windows 2000 network. The network contains four Windows 2000 server computers that use IPSec to secure the network communication.
While using IPSec Monitor, you determine that hard security associations (SAs) aren't being established between computers. After running IPSec Monitor on one of the computers, you find that a soft SA exists between two of the computers. You also find that the security setting for the SA is set to None.
Which steps should you take to prevent this soft SA from remaining between the comuters? (Select all that apply)
A. Start traffic
B. Stop all traffic
C. Restart the policy agent
D. Refresh the IPSec Monitor
E. Reboot the server computers
F. Verify the SA isn't displaying in IPSec Monitor
G. Change the security setting for the SA to Enabled
Good luck and tune in tomorrow for the answer. | |
| Shadowwraith 2002-09-26, 8:59 am |
| I am one for one so far. Let's see if I can keep the streak. I am going for all answers except E. | |
| frazang 2002-09-26, 11:00 am |
| i'll second that - everything but E
though i was considering just chiming in with Shadowwraith, i decided to research for myself. lord knows how effective that effort may have been, but i'm sticking with the above.  | |
|
| B, D, F, A, C
I wasn't sure about D, but it makes sense! | |
| Pavlov 2002-09-27, 9:12 am |
| You are the administrator for a Windows 2000 network. The network contains four Windows 2000 server computers that use IPSec to secure the network communication.
While using IPSec Monitor, you determine that hard security associations (SAs) aren't being established between computers. After running IPSec Monitor on one of the computers, you find that a soft SA exists between two of the computers. You also find that the security setting for the SA is set to None.
Which steps should you take to prevent this soft SA from remaining between the comuters? (Select all that apply)
A. Start traffic
B. Stop all traffic
C. Restart the policy agent
D. Refresh the IPSec Monitor
E. Reboot the server computers
F. Verify the SA isn't displaying in IPSec Monitor
G. Change the security setting for the SA to Enabled
A. Correct: Once you have stopped traffic and restarted the policy agent, you can once again start traffic between the systems. Then, restart the policy agent to delete all soft SAs.
B. Correct: Stopping all traffic is the first step in preventing a soft SA from existing between two systems. As long as traffic exists between the two, the soft SA remains in effect.
C. Correct: Once traffic has been stopped and restarted, restart the policy agent to delete all soft SAs.
D. Incorrect: You must first stop the traffic to this server to reset the SA. Refreshing IPSec doesn't reset the SA currently in use.
E. Incorrect: Rebooting the servers doesn't cause the soft SA to be removed. Instead, you must manually stop traffic between the server and restart the policy agent.
F. Correct: Once traffic has been stopped between the systems, use the IPSec Monitor to verify that the SA no longer exists. Restart traffic to invoke a hard SA (assuming the policy are configured correctly).
G. Incorrect: To remove a soft SA, and cause a configured hard SA to be invoked, you must stop and then start the traffic between the systems and restart the policy agent. | |
| frazang 2002-09-27, 10:37 am |
| if at first you don't succeed... | |
| Pavlov 2002-09-27, 10:42 am |
| Don't worry guys - the key here is learning something from these questions. Although, I must say I'm a bit discouraged by so few responses to the QODs 
These are hard questions. They come from MS directly, so if you're learning from these then you're going to be prepared for the test. |
|
|
|
|