Home » Microsoft » 70-647 » What should you include in your plan?
Your network consists of one Active Directory domain. The domain contains servers that run Windows Server 2008.
The servers are configured as shown in the following table:
Server2 and Server3 are configured as RADIUS clients.
You need to plan a solution to manage all VPN connections to the network.
The solution must meet the following requirements:
- Specify the allowed VPN connection protocols.
- Specify the allowed VPN client authentication mechanisms.
- Specify VPN client access rights based on group membership.
What should you include in your plan?
A. A Group Policy object (GPO) applied to Server2 and Server3
B. A Group Policy object (GPO) applied to the computers that must establish VPN connections
C. A local computer policy on Server2 and Server3
D. A network policy on Server4
Correct Answer: D
Explanation/Reference:
Use NPS on Server 4 to create a RADIUS sever which will handle all your VPN requirements.
Network Policy Server (NPS) allows you to create and enforce organization-wide network access policies for client health, connection request authentication, and connection request authorization. In addition, you can use NPS as a RADIUS proxy to forward connection requests to NPS or other RADIUS servers that you configure in remote RADIUS server groups.
Network Policy Server (NPS) can be used as a RADIUS server to perform authentication, authorization, and accounting for RADIUS clients. A RADIUS client can be either a network access server or a RADIUS proxy. When NPS is used as a RADIUS server, it provides the following:
A central authentication and authorization service for all access requests that are sent by RADIUS clients.
NPS uses a Microsoft® Windows NT® Server 4.0 domain, an Active Directory® domain, or the local Security Accounts Manager (SAM) user accounts database to authenticate user credentials for connection attempts. NPS uses the dial-in properties of the user account and network policies to authorize a connection.
A central accounting recording service for all accounting requests that are sent by RADIUS clients.