Test your basic knowledge |

MCTS: Configuring Windows Firewall And Network Access Protection

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. Each SHV produces a _____ - which can contain remediation instructions (such as the version number of an antivirus signature file) if the client doesn't meet that SHV's health requirements.






2. The NAP health policy server uses the ______ to determine the level of access the client computer should have and whether any remediation is necessary.






3. The ______ are the server components that analyze the SoH generated by the SHA and create an SoH Response (SoHR).






4. The 802.1X access point applies the ACL to the connection and ______ all packets that are not allowed by the ACL.






5. NAP is designed to connect hosts to different network resources depending on their current ______.






6. You need to create outbound firewall rules only when you configure outbound connections to be ______.






7. The ______ defines health requirements using SHV settings. Separate ______ must exist for both compliant and noncompliant clients.






8. The NAP health policy server sends the SSoHR back to the NAP client through the NAP enforcement point. The NAP enforcement point can now connect a ______ computer to the network or connect a ______ computer to a remediation network.






9. You can also use IPsec connection security to allow healthy computers to ______ healthy computers.






10. NAP depends on a Win Server 2008 or Win Server 2008 R2 NAP health policy server - which acts as a ______ server - to evaluate the health of client computers.






11. ______ enforcement does not provide remediation.






12. Health ______ determine which clients must meet health requirements - what those health requirements are - and what happens if a client cannot comply.






13. The ______ enforcement type uses Ethernet switches or wireless access points that support 802.1X authentication.






14. ______ allows you to verify that computers meet specific health requirements before granting them unlimited access to your internal network.






15. A ______ determines whether a request should be processed by NPS.






16. A group of servers that noncompliant clients can access is a ______.






17. Use the ______ snap-in to create an inbound firewall rule that allows a server application to receive incoming connections.






18. Which versions of Windows can act as NAP clients?






19. Windows Firewall ______ identifies connections that Windows Firewall allows or blocks.






20. VLANs are identified using a VLAN identifier - which must be configured on the switch itself. You can then use NAP to specify in which VLAN the ______ computers are placed.






21. Installing the HRA role service configures the following:






22. You can quickly verify a client's configuration by running the following command at a command prompt:






23. In the case of _____ - automated software attacks computers across the Internet - gains elevated privileges - copies itself to the compromised computer - and then begins attacking other computers (typically at random).






24. For NAP to work - a network component must enforce NAP by either allowing or denying network access. The following list describes the different NAP enforcement types you can use:






25. Which NAP enforcement types do not require support from your network infrastructure?






26. You must enable one policy to configure clients to use this enforcement type.






27. Configure the ______ policy to provide customized text (and - optionally - an image) that users will see as part of the NAP client interface.






28. Typically - a NAP deployment occurs in three phases:






29. ______ define which health checks a client must meet to be considered compliant.






30. Win 7 - Win Vista - Win Server 2008 - Win Server 2008 R2 - and Win XP SP3 include an ______ that monitors Windows Security Center settings.






31. NAP ______ allows you to identify noncompliant computers.






32. By default - Windows Firewall (as well as most other firewalls) ______.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


33. With 802.1X - compliant computers are granted full network access - and noncompliant computers are connected to a ______ network or completely prevented from connecting to the network.






34. The firewall profiles are:






35. You can configure client NAP settings using the three subnodes:






36. ______ is the most effective way to configure firewall settings for all computers in a domain.






37. With VPN server enforcement enabled - only ______ are granted unlimited network access.






38. The NAP client sends the SSoH to the NAP ______ through the NAP enforcement point.






39. IPsec enforcement requires a CA running Win Server ______ or ________ Certificate Services and NAP to support health certificates.






40. The ______ enforcement type requires clients to perform a NAP health check before they can receive a health certificate.






41. The Domain firewall profile applies whenever a computer can communicate with its ______.






42. The ______ are the client components that create a Statement of Health (SoH) containing a description of the health of the client computer.






43. One of the most powerful ways to increase computer security is to configure firewall ______.






44. NAP health validation takes place between two components:






45. If a computer falls out of compliance after connecting to the 802.1X network - the 802.1X network access device can change the computer's ______.






46. To install NAP - first install the ______ role - then select the Network Policy Server check box on the Select Role Services page.






47. This installs the core NPS service - which is sufficient for using the Win Server 2008 computer as a RADIUS server for ______ - ______ - or ______ enforcement.






48. To install HRA - first install the ______ role - then select the Network Policy Server check box on the Select Role Services page.






49. The only time you would want to configure the scope using the ______ group is when the computer is configured with multiple IP addresses - and you do not want to accept connections on all IP addresses.






50. After configuring the NPS server - you must configure client computers for NAP. The easiest way to do this is to use ______ node.