Question 5) Server 2003 Network Infrastructure

Posted on
Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

SubObjective: Plan Security for Wireless Networks
Multiple Answer Multiple Choice

 

You are the network administrator for your company. The company’s network consists of a single Active Directory domain. All domain controllers run Windows Server 2003, and all client computers run Windows XP Professional.

 

The company has deployed an extensive 802.1x wireless network. Access points (APs) have been deployed in most departments in the corporate headquarters to provide users in all departments with wireless connectivity to the wired LAN. Over 100 users in different departments have been issued laptop computers with wireless network adapters installed.

 

The company has issued laptop computers to 15 users in the auditing department. These users will work primarily in the auditing department offices, but will also perform audits in all areas of the corporate headquarters. There are currently no APs deployed in the auditing department.

 

You need to deploy APs in the auditing department. Users from other departments should not be able to use the APs that are deployed in the auditing department. However, users in the auditing department should be able to access APs throughout the corporate headquarters.

 

What should you do? (Choose two. Each answer is only part of the solution.)

 

A. Deploy the auditing access points (APs) using a unique Service Set Identifier (SSID).
B. Deploy the auditing access points (APs) using the existing Service Set Identifier (SSID).
C. Create a wireless network policy that provides Computer-to-computer (ad hoc) access to network users.
D. Create a wireless network policy that configures auditing department computers to automatically connect to non-preferred networks.
E. Create a wireless network policy that restricts access to the auditing department Service Set Identifier (SSID) to auditing department computers.
F. Use the Connection Manager Administrative Kit (CMAC) wizard to create a service profile that allows access to the new access points (APs) to users in the auditing department.

 

Answer:
A. Deploy the auditing access points (APs) using a unique Service Set Identifier (SSID).
E. Create a wireless network policy that restricts access to the auditing department Service Set Identifier (SSID) to auditing department computers.

 


Tutorial:
You should deploy the auditing access points (APs) using a unique Service Set Identifier (SSID). You should then create a wireless network policy that restricts access to the auditing department Service Set Identifier (SSID) to auditing department computers.

 

You should use a unique SSID for the new auditing department APs to differentiate this network from the existing wireless network. Providing the dedicated SSID will allow you to create a wireless access policy that limits access to these APs to users in the auditing department. You can use wireless access policies to remove a wireless network from the list of preferred networks, preventing users outside of the auditing department from viewing the newly deployed APs’ SSID on the Preferred Network tab.

 

You should not deploy the auditing APs using the existing Service Set Identifier (SSID). Doing so would prevent you from using a wireless access policy to limit access to the auditing APs. Using this solution, all APs would use the same SSID, and differentiation between the wireless LANs would not be possible.

 

You should not create a wireless network policy that provides Computer-to-computer (ad hoc) access to network users. This form of wireless network does not use APs to connect to wired LANs, but allows each wireless client to view and connect to other clients. This form of wireless networking is not appropriate in corporate environments.

 

You should not create a wireless network policy that configures auditing department computers to automatically connect to non-preferred networks. This setting allows users to automatically connect to available networks that do not appear on the Preferred Networks tab. This would not meet the requirements in this scenario.

 

You cannot use the Connection Manager Administrative Kit (CMAC) wizard to create a service profile that allows access to the new APs to users in the auditing department. The CMACK wizard allows you to manage remote access connections, allowing you to provide users with more than one VPN server for connections, turn on end-user logging, configure browser proxy settings on client computers, enable or disable client-side split tunneling, and configure pre-shared keys for L2TP/IPSec connections. This wizard is not used for managing wireless networks.

 

Reference:
1. Microsoft TechNet – Search
– Configuring Wireless Network Policies

 

2. Microsoft TechNet – Search
– Define Active Directory-based wireless network policies

 

These questions are derived from the Self Test Software Practice Test for Microsoft Exam #70-293: Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure.

Like what you see? Share it.Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone
cmadmin

ABOUT THE AUTHOR

Posted in Archive|

Comment: