Home » Microsoft » 70-417 v.2 » What should you install on Server1 before you run the Configure NAP wizard?
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1 that runs Windows Server 2012 R2.
Server1 has the Network Policy Server role service installed.
You plan to configure Server1 as a Network Access Protection (NAP) health policy server for VPN enforcement by using the Configure NAPwizard.
You need to ensure that you can configure the VPN enforcement method on Server1 successfully.
What should you install on Server1 before you run the Configure NAP wizard?
A. A computer certificate
B. A system health validator (SHV)
C. The Remote Access server role
D. The Host Credential Authorization Protocol (HCAP)
Correct Answer: A
Explanation/Reference:
Explanation:
Configure Policies for VPN Enforcement
The NAP health policy server uses the Network Policy Server (NPS) role service with configured network policies, health policies, and system health validators (SHVs) to evaluate client health based on administrator defined requirements. Based on the results of this evaluation, NPS instructs the virtual private network (VPN) server to provide full access to compliant NAP client computers and to restrict access to noncompliant client computers when NAP is deployed using full enforcement mode.
Before performing this procedure, you must install a certificate for Protected Extensible Authentication Protocol (PEAP) authentication. For more information, see Install a Computer Certificate for PEAP
You cannot continue without a valid certificate:
References:
http://technet.microsoft.com/fr-fr/library/dd314165%28v=ws.10%29.aspx