Test your basic knowledge |

MCTS: Configuring Windows Firewall And Network Access Protection

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The ______ are the client components that create a Statement of Health (SoH) containing a description of the health of the client computer.






2. Use the ______ snap-in to create an inbound firewall rule that allows a server application to receive incoming connections.






3. Use the ______ subnode to configure an HRA for IPsec NAP clients to use.






4. NAP health validation takes place between two components:






5. The Private profile must be ______ applied to a network. The Public profile applies any time a ______ is not available - and a network has not been configured as Private.






6. One of the most powerful ways to increase computer security is to configure firewall ______.






7. Which versions of Windows can act as NAP clients?






8. To install HRA - first install the ______ role - then select the Network Policy Server check box on the Select Role Services page.






9. Configure the ______ policy to provide customized text (and - optionally - an image) that users will see as part of the NAP client interface.






10. IPsec enforcement requires a CA running Win Server ______ or ________ Certificate Services and NAP to support health certificates.






11. ______ allows you to verify that computers meet specific health requirements before granting them unlimited access to your internal network.






12. The NAP health policy server combines the SoHRs from the multiple SHVs into a ______.






13. By default - Windows Firewall (as well as most other firewalls) ______.

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


14. This installs the core NPS service - which is sufficient for using the Win Server 2008 computer as a RADIUS server for ______ - ______ - or ______ enforcement.






15. Health ______ determine which clients must meet health requirements - what those health requirements are - and what happens if a client cannot comply.






16. Each SHA on the NAP client validates its system health and generates an SoH. The NAP client combines the SoHs from multiple SHAs into a ______ - which includes version info for the NAP client and the set of SoHs for the installed SHAs.






17. The ______ defines health requirements using SHV settings. Separate ______ must exist for both compliant and noncompliant clients.






18. The NAP health policy server uses its installed SHVs and the health requirement policies that you have configured to determine whether the NAP client ______.






19. With 802.1X - compliant computers are granted full network access - and noncompliant computers are connected to a ______ network or completely prevented from connecting to the network.






20. The ______ type enforces NAP for remote access connections using a VPN server running Win Server 2008 or Win Server 2008 R2 and Routing and Remote Access.






21. To install NAP - first install the ______ role - then select the Network Policy Server check box on the Select Role Services page.






22. The ______ enforcement type uses a computer running Win Server 2008 or Win Server 2008 R2 and the DHCP Server service that provides IP addresses to intranet clients.






23. With the DHCP servers enforcement type - only ______ computers receive an IP address that grants full network access; ______computers are granted an IP address with a subnet mask of 255.255.255.255 and no default gateway.






24. A ______ determines whether a request should be processed by NPS.






25. Typically - a NAP deployment occurs in three phases:






26. ______ define which health checks a client must meet to be considered compliant.






27. For NAP to work - a network component must enforce NAP by either allowing or denying network access. The following list describes the different NAP enforcement types you can use:






28. 802.1X enforcement uses one of two methods to control which level of access compliant - noncompliant - and unauthenticated computers receive:






29. If an application must accept incoming connections but the developers have not documented the communication ports that the application uses - you can use the ______ tool to identify which ports the application listens on.






30. The ______ enforcement type requires clients to perform a NAP health check before they can receive a health certificate.






31. You can configure client NAP settings using the three subnodes:






32. Which NAP enforcement types do not require support from your network infrastructure?






33. ______ enforcement does not provide remediation.






34. With VPN server enforcement enabled - only ______ are granted unlimited network access.






35. The Domain firewall profile applies whenever a computer can communicate with its ______.






36. Windows Firewall ______ identifies connections that Windows Firewall allows or blocks.






37. NAP depends on a Win Server 2008 or Win Server 2008 R2 NAP health policy server - which acts as a ______ server - to evaluate the health of client computers.






38. Win 7 - Win Vista - Win Server 2008 - Win Server 2008 R2 - and Win XP SP3 include an ______ that monitors Windows Security Center settings.






39. NAP is designed to connect hosts to different network resources depending on their current ______.






40. Win Server 2008 and Win Server 2008 R2 include an SHV that corresponds to the SHA built into Windows ______.






41. Each SHV produces a _____ - which can contain remediation instructions (such as the version number of an antivirus signature file) if the client doesn't meet that SHV's health requirements.






42. The NAP client sends the SSoH to the NAP ______ through the NAP enforcement point.






43. NAP ______ allows you to identify noncompliant computers.






44. If a computer falls out of compliance after connecting to the 802.1X network - the 802.1X network access device can change the computer's ______.






45. You must enable one policy to configure clients to use this enforcement type.






46. ______ is the most effective way to configure firewall settings for all computers in a domain.






47. The ______ defines the level of network access clients get based on which health policy they match.






48. If you use Remote Desktop to allow users to control their desktops from remote computers across the Internet - you can use the ______ enforcement type to block access unless the client computer passes a health check.






49. Use the ______ subnode to configure cryptographic settings for NAP clients (the default settings are typically fine).






50. VLANs are identified using a VLAN identifier - which must be configured on the switch itself. You can then use NAP to specify in which VLAN the ______ computers are placed.