Network access protection (NAP)

第1题：

Your company has Active Directory Certificate Services （AD CS） and Network Access Protection （NAP）  deployed on the network. You need to ensure that NAP policies are enforced on portable computers taht  use a wireless connection to access the network. What should you do？（）

• A、 Configure all access points to use 802.1X authentication
• B、 Configure all protable computers to use MS-CHAP v2 authentication
• C、 Use the Group Policy Management Console to access the wireless group policy settings， and enable the Prevent connections to ad-hoc networks option.
• D、 Use the Group Policy Management Console to access the wireless group policy settings， and disable the Prevent connections to infrastructure networks option.

第2题：

Your company uses network access protection (NAP) to enforce policies on client computers that connect to the network. Client computers run windows vista. A group Policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and critical must be applied before client computers can access network resources. You need to ensure that client computes meet the company policy requirement. What should you do?（）

• A、Enable automatic updates on each client.
• B、Enable the security center on each client.
• C、Quarantine clients that do not have all available security updates installed.
• D、Disconnect the remote connection until the required updates are installed.

第3题：

第4题：

Your network contains a single Active Directory domain. All domain controllers run Windows Server   2008 R2. There are 1，000 client computers that run Windows 7 and that are connected to managedswitches.   You need to recommend a strategy for network access that meets the following requirements：   èUsers are unable to bypass network access restrictions.   èOnly client computers that have up-to-date service packs installed can access the network.   èOnly client computers that have up-to-date anti-malware software installed can access the network.   What should you recommend？（）

• A、Implement Network Access Protection （NAP） that uses DHCP enforcement.
• B、Implement Network Access Protection （NAP） that uses 802.1x enforcement.
• C、Implement a Network Policy Server （NPS）， and enable IPsec on the domain controllers.
• D、Implement a Network Policy Server （NPS）， and enable Remote Authentication Dial-In User Service  （RADIUS） authentication on the managed switches.

第5题：

Your company has deployed Network Access Protection （NAP）.You configure secure wireless access to the network by using 802.1X authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  What should you do？（）

• A、Configure all access points as RADIUS clients to the Remediation Servers.
• B、Configure all access points as RADIUS clients to the Network Policy Server （NPS）.
• C、Create a Network Policy that defines Remote Access Server as a network connection method.
• D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.

第6题：

Your company's corporate network uses Network Access Protection (NAP).Users are able to connect to the corporate network remotely.You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible. What should you do?（）

• A、Apply an IPsec NAP policy.
• B、Configure a NAP policy for 802.1X wireless connections.
• C、Configure VPN connections to use MS-CHAP v2 authentication.
• D、Restrict Dynamic Host Configuration Protocol (DHCP) clients by using NAP.

第7题：

Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do？（）

• A、Create an IPsec Enforcement Network policy.
• B、Create an 802.1X Enforcement Network policy.
• C、Create a Wired Network (IEEE 802.3) Group policy.
• D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.

第8题：

Which two actions， when taken in combination， will result in an effective network security solution？（）

• A、 develop a policy for securing the network
• B、 monitor and test network activities for vulnerabilities
• C、 implement reflexive access lists
• D、 implement dynamic access lists
• E、 select and implement a single comprehensive virus protection program

第9题：

Your company has Active Directory Certificate Services （AD CS） and Network Access Protection （NAP） deployed on the network.You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network.  What should you do？（）

• A、Configure all access points to use 802.1X authentication.
• B、Configure all portable computers to use MS-CHAP v2 authentication.
• C、Use the Group Policy Management Console to access the wireless Group Policy settings， and enable the Prevent connections to ad-hoc networks option.
• D、Use the Group Policy Management Console to access the wireless Group Policy settings， and disable the Prevent connections to infrastructure networks option.

第10题：

Your company has deployed Network Access Protection （NAP). You configure secure wireless access to the network by using 802.1x authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  what should you do（）？ 

• A、Configure all access points as RADIUS clients to the Remediation Servers
• B、Configure all access points as RADIUS clients to the Network Policy Server （NPS）
• C、Create a Network Policy that defines Remote Access Server as a network connection method
• D、Create a Network Policy that specifies EAP-TLS as the only availible authentication method.