| < Day Day Up > |
|
1. | Which of the following commands, when issued from the ipsec static> prompt when netsh ipsec is run on the command line, will add a filter to the secureweb filterlist that will deal traffic coming from network 10.10.2.32 /27 to the Web server located on the local host?
|
|
2. | Which of the following are limitations on the authentication methods that can be used by a standalone computer running Windows Server 2003 that is using IPSec to ensure that its network communications are encrypted?
|
|
3. | Rooslan has created an IPSec policy on a computer running Windows Server 2003 by entering the following list of commands from the netsh ipsec static> context command prompt:
add filterlist name=testlist add filteraction name=testaction inpass=no soft=no action=negotiate add filter filterlist=testlist srcaddr=any dstaddr=Me protocol= TCP mirrored=YES srcmask=0.0.0.0 dstmask=255.255.255.255 srcport= 0 dstport=110 add filter filterlist=testlist srcaddr=any dstaddr=Me protocol= TCP mirrored=YES srcmask=0.0.0.0 dstmask=255.255.255.255 srcport= 0 dstport=25 add policy name=testpolicy activatedefaultrule=no assign=no add rule name=testrule policy=testpolicy filterlist=testlist filteraction=testaction psk="Quis Custodiet Custodes" The computer running Windows Server 2003 is running the POP3 service. Which of the following statements about Rooslan’s IPSec policy are true, given the configuration listed above? (Select all that apply.)
|
|
4. | You are the security administrator for the Tailspin Toys forest. The forest is running at the Windows Server 2003 functional level. There are three domains in this forest: root.tailspintoys.com, melbourne.tailspintoys.com, and redmond.tailspintoys.com. There is a group of 500 workstations running Windows XP Professional that are members of the melbourne.tailspintoys.com domain. There are 10 file and print servers running Windows 2000 Server that are members of the melbourne.tailspintoys.com domain. The 500 computers running Windows XP Professional are members of an organizational unit named WORKSTATION. The 10 file and print servers running Windows 2000 Server are members of the organizational unit named MEMBERSERV. The 10 file and print servers running Windows 2000 Server and the 500 computers running Windows XP Professional are all located at Site B within the domain. Several GPOs have been created, each of which has a different IPSec policy. These GPOs and their corresponding IPSec policies are listed below: GPO one: No IPSec policy set GPO two: Client (Respond Only) IPSec policy set GPO three: Server (Request Security) IPSec policy set GPO four: Secure Server (Require Security) IPSec policy set GPO one is applied to the WORKSTATION OU. GPO two is applied to the melbourne.tailspintoys.com domain. GPO three is applied to the root.tailspintoys.com domain. GPO four is applied to Site B. Assume that no other IPSec policies are applied in the forest. Given this information, which of the following statements is correct?
|
|
5. | Several users in your domain are attempting to use the FTP protocol to upload files to a computer running Windows Server 2003 on your organization’s screened subnet. The computer running Windows Server 2003 on the screened subnet has an IPSec policy set that requires security. Because it is a standalone computer, it does not use the default Active Directory/Kerberos IPSec authentication. Instead it uses a preshared key with the phrase “qua partis tutis”. All computers running Windows XP Professional in the domain are subject to a GPO at the domain level with the IPSec policy set Server (Request Security). What step or steps can you take to ensure that the users within your domain who require FTP access to the computer running Windows Server 2003 on the screened subnet can make encrypted connections to this computer?
|
|
Answers
1. | Correct Answers: A
|
2. | Correct Answers: B
|
3. | Correct Answers: A and E
|
4. | Correct Answers: C
|
5. | Correct Answers: D
|
| < Day Day Up > |
|