Home > Archive > 70-216 > April 2004 > L2TP VPN with dialup





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author L2TP VPN with dialup
Jahoe

2004-04-20, 6:20 pm

I am practicing some questions for the exam and now there is a question where I dount that the given correct answer is wrong. Question is below. As far as my information goes, L2TP can be used with dialup connection so the correct answer to me is B and E and not C and E. Can someone confirm this?
------------------------------------
You are the over-worked, under-paid and under-appreciated administrator of your company's network, which consists of a single Windows 2000 Domain. The network includes two domain controllers running Windows 2000 Server and two backup domain controllers running Windows NT 4.0. Another Windows 2000 Server computer named VPN1 runs Routing and Remote access. All client computers run Windows 2000 Professional. Employees who travel to customer sites use company-issued portable computers. These computers are configured for smart card support with company-issued certificates. Traveling employees dial in to VPN1 for network access. You need to configure VPN1 to ensure that virtual private network (VPN) connections are as secure as possible. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two)

A. Require Microsoft Point-to-Point Encryption (MPPE) for all dial-up users
B. Require L2TP/IPSec tunnel connections for all dial-up users
C. Require PPTP tunnel connections for all dial-up users
D. Require MS-CHAP v2 authentication for all dial-up users
E. Require EAP smart cards or certificates for authentication for all dial-up users.

Answer: C, E

Explanation: The portable computers are configured for smart card support with company-issued certificates. Only the Extensible Authentication Protocol (EAP) supports smart card authentication. In Windows 2000 there are two tunneling protocols: PPTP and L2TP/IPSec. L2TP supports tunnel authentication but Microsoft's PPTP implementation relies on the user's password as the basis for creating session keys for authentication and encryption. This reliance on user password makes the implementation, as weak as any user's password. This makes L2TP/IPSec more secure than PPTP. But you cannot use L2TP for dial up connections, so we will have to use PPTP.
------------------------------------
Sponsored Links





Free Braindumps | MCSE braindumps software forum

Copyright 2003 - 2008 examnotes.net