Home » Microsoft » 70-687 » Which two actions should you perform?
You provide IT support for a small business.
A member of the team needs the ability to use Remote Desktop and VPN to access a desktop computer from a laptop when traveling. This desktop computer is running Windows 8.1 Pro, while the laptop is running Windows 7 Professional.
You need to set up a secure Remote Desktop connection on the desktop computer.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Require Network Level Authentication.
B. Allow remote connections.
C. Disable Remote Assistance connections.
D. Make the user account a standard user.
Correct Answer: AB
Explanation/Reference:
Explanation:
http://windows.microsoft.com/en-us/windows/remote-desktop-connection-faq#1TC=windows-8 Remote Desktop Connection: frequently asked questions
…
There are two remote settings options:
Don’t allow remote connections to this computer. This will prevent anyone from connecting to your PC remotely. Allow remote connections to this computer. This will allow remote connections on your PC.
If you know that the people who will connect to your PC are running Windows 7, Windows 8, or Windows 8.1 on their PCs, check the Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended) box. These versions of Windows use Network Level Authentication, which is an authentication method that completes before you establish a full connection and the sign-in screen appears. This can help protect the remote PC from hackers and malware.
http://technet.microsoft.com/en-us/library/cc732713.aspx
Configure Network Level Authentication for Remote Desktop Services Connections
Network Level Authentication is an authentication method that can be used to enhance RD Session Host server security by requiring that the user be authenticated to the RD Session Host server before a session is created.
Network Level Authentication completes user authentication before you establish a remote desktop connection and the logon screen appears. This is a more secure authentication method that can help protect the remote computer from malicious users and malicious software. The advantages of Network Level Authentication are:
It requires fewer remote computer resources initially. The remote computer uses a limited number of resources before authenticating the user, rather than starting a full remote desktop connection as in previous versions.
It can help provide better security by reducing the risk of denial-of-service attacks.
To use Network Level Authentication, you must meet the following requirements:
The client computer must be using at least Remote Desktop Connection 6.0. The client computer must be using an operating system, such as Windows 7, Windows Vista, or Windows XP with Service Pack 3, that supports the Credential Security Support Provider (CredSSP) protocol. The RD Session Host server must be running Windows Server 2008 R2 or Windows Server 2008.
