| < Day Day Up > |
|
1. | You have a computer running Windows Server 2003 and IIS 6.0 located on a screened subnet. This computer runs a Web server that is used to provide product information to potential customers around the country. The computer is a member of your company’s domain. You want to configure the server so that all communication, except that accessing the Web site, must be encrypted by IPSec. This IPSec communication must be authenticated by Kerberos. Which of the following components would you include in the configuration of a custom IPSec policy that would be applied to the computer running Windows Server 2003? (Each correct answer forms part of the solution.)
|
|
2. | You are configuring an IPSec policy to allow only computers that have a specific digital certificate installed to send and receive e-mail by means of the Post Office Protocol 3 (POP3) service on Windows Server 2003. Which ports should you configure rules for? (Select all that apply.)
|
|
3. | You are configuring an IPSec filter for a computer running Windows Server 2003, and you have constructed a filter list as shown in the following figure.
If the Filter Action for this list were set to permit, and there were a filter list also configured to require security for all other IP traffic, which of the following statements would be true? (Select all that apply.)
|
|
4. | You are in the process of configuring a set of IPSec filters for a Windows Server 2003 domain controller on your network. You want to make sure that you permit traffic to the Lightweight Directory Access Protocol (LDAP), Kerberos, and global catalog server ports. Given your requirements, which of the following ports should you permit traffic to? (Select all that apply.)
|
|
5. | You have a set of five servers running Windows Server 2003, Web Edition that are located on a screened subnet. These Web servers are each running a Web application that needs to access data on a computer running SQL Server 2000 that is located on your internal network. The IP addresses of the Web servers on the screened subnet are: Server 1: 192.168.1.130 Server 2: 192.168.1.140 Server 3: 192.168.1.150 Server 4: 192.168.1.160 Server 5: 192.168.1.170 The IP address of the computer running Windows Server 2003 that is located on the internal network is 10.10.1.100. You want to ensure that data transmissions between the Web servers on the screened subnet and the computer running SQL Server on the internal network are encrypted by IPSec. You don’t need other traffic between the Web servers and the computer running SQL Server to be encrypted because such traffic is already blocked by the internal firewall, and the encryption and decryption process would just add to processor overhead. Which of the following custom rules would achieve this goal if it was set to Require Security? (Select all that apply.)
|
|
Answers
1. | Correct Answers: A, B, and C
|
2. | Correct Answers: B and D
|
3. | Correct Answers: A, C, and D
|
4. | Correct Answers: A and D
|
5. | Correct Answers: A and B
|
| < Day Day Up > |
|