A Quick Answer Key follows the Self Test questions. For complete questions, answers, and explanations to the Self Test questions in this chapter as well as the other chapters in this book, see the Self Test Appendix.
1. | Your network consists of Windows Server 2003 domain controllers (DCs), Windows 2003 DNS servers, and Windows XP clients . You have recently added a firewall to the network to provide security for the network from attack from the Internet. You have placed your Web, e-mail, and DNS servers outside the firewall. Your company has established a written policy that allows only SMTP, HTTP, and DNS traffic to pass through the firewall. Which ports do you need to permit? (Choose all that apply.)
|
|
2. | You are designing a network implementation for your company and you want to have an Internet presence for your Web and e-mail servers. The Web server is called WebSvr1, and the e-mail server is named MailSvr1. Due to a recent bout of attacks, you need to implement a solution that will provide security and protection for your network. You are concerned about providing security for the Web and e-mail servers, yet you need to provide anonymous access to the Web server for the general public. You are worried that these anonymous users might use their access to investigate and attack the rest of your network as well. How do you design your network? (Select the best answer.)
|
|
3. | You have a network that consists of four subnets. The networks IDs for the networks are 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and 10.0.4.0/24. Each subnet has two Windows Server 2003 and 75 Windows XP clients. You are planning to add a VPN server to the network to provide connectivity for remote users. You need to summarize the internal network IDs on the VPN server. What is the minimum information needed to accomplish the desired result?
|
|
4. | You are configuring routing on an RRAS server. The RRAS server s intranet interfaces are configured to be connected to the intranet with a manual TCP/IP configuration that will consist of the IP address, subnet mask, default gateway, and intranet DNS servers. You are now experiencing difficulties when users attempt to connect to the Internet. What must you do to resolve these conflicts?
|
|
Answers
1. | C , D , E |
2. | D |
3. | C |
4. | D |
5. | You are designing a VPN that will allow the company s sales force to travel to multiple cities around the Untied States. You are using an Internet service provider (ISP) that provides service across the United States and has local numbers in all major cities and many smaller cities as well. The ISP is constantly adding new telephone numbers as it expands its service area. The sales manager is concerned that his sales force will not know what the local access number will be in the cities where they will be traveling. He asks if there is a solution that will help the sales force to make the VPN connection so that they can pass confidential client information and sales orders back to corporate headquarters. What is the best solution to address this problem?
|
|
6. | You have designed a Windows Server 2003 VPN solution for your corporation. The solution has a Windows Server 2003 VPN server at headquarters. The VPN server has been placed behind the internal firewall protecting your network. You have created a DNS record on your Internet server in the DMZ so that you can perform name resolution to the VPN server. You have tested connectivity to the VPN server from all of the client computers using the PING utility. The clients at the branch offices are running Windows 98 and Windows XP. The Windows 98 clients are configured to use PPTP to establish the VPN connections. The Windows XP clients are configured to use L2TP using IPSec. The Windows 98 clients are using MS-CHAP v 2 to authenticate themselves as users. The Windows XP clients are using user-level certificate authentication with EAP-TLS. The Windows XP clients are not experiencing any difficulties in connecting, but the Windows 98 clients are not able to connect to the VPN server. What should you check to resolve the connectivity issue for the Windows 98 clients?
|
|
7. | You have just replaced many of your company s dial-in connections with VPN connections to reduce the costs of maintaining dial-in services. You have recently configured VPN access on a laptop for a user. You have specified the host name for the VPN server in the Host Name or IP Address box. Now the user is complaining that he is receiving the error message Destination Host Unknown. What is the most likely cause for this error message?
|
|
8. | You have just installed Routing and Remote Access on a Windows Server 2003 to function as a VPN server. Several remote users need to transmit confidential data to the company using the VPN server. The remote users are not members of your company s domain. The remote users are running Windows XP on the client computers, and they all have access to a local ISP to provide Internet connectivity. Data transmission security is critical to the company and to the remote users. All of the clients will be using L2TP to create the connection to the VPN server. Which secure authentication method should you use for these connections?
|
|
Answers
5. | D |
6. | B |
7. | A |
8. | D |