Your company uses Network Access Protection (NAP) to enforce

第1题：

Your network consists of a single Active Directory domain. The network is located on the 172.16.0.0/23  subnet.   The company hires temporary employees. You provide user accounts and computers to the temporaryem ployees. The temporary employees receive computers that are outside the Active Directory domain.   The temporary employees use their computers to connect to the network by using wired connections andwireless connections. The company’s security policy specifies that the computers connected to the network must have the latest updates for the operating system.   You need to plan the network’s security so that it complies with the company 's security policy. What should you include in your plan？（）

• A、Implement a Network Access Protection （NAP） strategy for the 172.16.0.0/23 subnet.
• B、Create an extranet domain within the same forest. Migrate the temporary employees user accounts to the extranet domain. Install the necessary domain resources on the 172.16.0.0/23 subnet.
• C、Move the temporary employees user accounts to a new organizational unit （OU）. Create a new Group Policy object （GPO） that uses an intranet Microsoft Update server. Link the new GPO tothe new OU.
• D、Create a new subnet in a perimeter network. Relocate the wireless access point to the perimeter network. Require authentication through a VPN server before allowing access to the internal resources.

第2题：

Your company uses network access protection (NAP) to enforce policies on client computers that connect to the network. Client computers run windows vista. A group Policy is used to configure client computers to obtain updates from WSUS. Company policy requires that updates labeled important and critical must be applied before client computers can access network resources. You need to ensure that client computes meet the company policy requirement. What should you do?（）

• A、Enable automatic updates on each client.
• B、Enable the security center on each client.
• C、Quarantine clients that do not have all available security updates installed.
• D、Disconnect the remote connection until the required updates are installed.

第3题：

第4题：

Your companys corporate network uses network access protection (NAP). Users are able to connect to the corporate network remotely. You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible. What should you do?（）

• A、Apply an IPsec NAP policy.
• B、Configure a NAP Policy for 802.1x Wireless connections.
• C、Configure VPN connections to use MS-CHAP v2 authentication.
• D、Restrict dynamic host configuration protocol (DHCP) clients by using NAP.

第5题：

Your company has deployed Network Access Protection （NAP）.You configure secure wireless access to the network by using 802.1X authentication from any access point. You need to ensure that all client computers that access the network are evaluated by NAP.  What should you do？（）

• A、Configure all access points as RADIUS clients to the Remediation Servers.
• B、Configure all access points as RADIUS clients to the Network Policy Server （NPS）.
• C、Create a Network Policy that defines Remote Access Server as a network connection method.
• D、Create a Network Policy that specifies EAP-TLS as the only available authentication method.

第6题：

Your company's corporate network uses Network Access Protection (NAP).Users are able to connect to the corporate network remotely.You need to ensure that data transmissions between remote client computers and the corporate network are as secure as possible. What should you do?（）

• A、Apply an IPsec NAP policy.
• B、Configure a NAP policy for 802.1X wireless connections.
• C、Configure VPN connections to use MS-CHAP v2 authentication.
• D、Restrict Dynamic Host Configuration Protocol (DHCP) clients by using NAP.

第7题：

Network Access Protection (NAP) is configured for the corporate network.Users connect to the corporate network by using portable computers.The company policy requires confidentiality of data when the data is in transit between the portable computers and the servers.You need to ensure that users can access network resources only from computers that comply with the company policy.What should you do？（）

• A、Create an IPsec Enforcement Network policy.
• B、Create an 802.1X Enforcement Network policy.
• C、Create a Wired Network (IEEE 802.3) Group policy.
• D、Create an Extensible Authentication Protocol (EAP) Enforcement Network policy.

第8题：

Your company has Active Directory Certificate Services （AD CS） and Network Access Protection （NAP）  deployed on the network. You need to ensure that NAP policies are enforced on portable computers taht  use a wireless connection to access the network. What should you do？（）

• A、 Configure all access points to use 802.1X authentication
• B、 Configure all protable computers to use MS-CHAP v2 authentication
• C、 Use the Group Policy Management Console to access the wireless group policy settings， and enable the Prevent connections to ad-hoc networks option.
• D、 Use the Group Policy Management Console to access the wireless group policy settings， and disable the Prevent connections to infrastructure networks option.

第9题：

Your company uses Network Access Protection (NAP) to enforce policies on client computers that connect to the network. Client computers run Windows 7. A Group Policy is used to configure client computers to obtain updates from Windows Server Update Services (WSUS).Company policy requires that updates labeled Important and Critical must be applied before client computers can access network resources.You need to ensure that client computers meet the company policy requirement. What should you do？（）

• A、Enable automatic updates on each client.
• B、Enable the Security Center on each client.
• C、Quarantine clients that do not have all available security updates installed.
• D、Disconnect the connection until the required updates are installed.

第10题：

Your company has Active Directory Certificate Services （AD CS） and Network Access Protection （NAP） deployed on the network.You need to ensure that NAP policies are enforced on portable computers that use a wireless connection to access the network.  What should you do？（）

• A、Configure all access points to use 802.1X authentication.
• B、Configure all portable computers to use MS-CHAP v2 authentication.
• C、Use the Group Policy Management Console to access the wireless Group Policy settings， and enable the Prevent connections to ad-hoc networks option.
• D、Use the Group Policy Management Console to access the wireless Group Policy settings， and disable the Prevent connections to infrastructure networks option.