70-291 Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure
Note 2: 70-291 Answers are not shown in demo questions.
Exhibits and Answers are only provided in the Full Version.
Demo Question 18.
You work as the network administrator at EliteCertify.com. The EliteCertify.com network consists of a single Active Directory domain named EliteCertify.com. All servers on the EliteCertify.com network run Windows Server 2003 and all client computers run Windows XP Professional. EliteCertify.com has its headquarters in Chicago and branch offices in Dallas and Miami. Headquarters has a member server named EliteCertify -SR24 configured to run Internet Authentication Service (IAS). Three VPN servers are located in branch offices at IP addresses 131.107.10.5, 131.107.9.4, and 131.107.8.3. You expect no more than 30 concurrent connections per VPN server. All VPN servers receive the same settings when they dial in. The existing remote access policy, the Minutes clients can be connected (Session-Timeout) setting has a dial-in constraint of 10 minutes. There is no certification authority (C
A. on the network. What should you do to ensure when users attempt to connect to one of the VPN servers, each VPN server will implement a different dial-in constraint for the Minutes clients can be connected (Session-Timeout) setting? A separate remote access policy must be configured for each VPN server. A Client-IP-Address policy condition must be configured for each VPN policy on EliteCertify -SR24.
B. A separate remote access policy must be configured for each VPN server. Configure an L2TP Tunnel-Type remote access policy condition for each VPN policy on EliteCertify -SR24. Configure L2TP ports with the server's IP address in the Phone number for this device setting on each VPN server.
C. A single remote access policy must be configured. On each VPN server, Configure PPTP ports with the server's IP address in the Phone number for this device setting on each VPN server.
D. Configure A single remote access policy must be configured. Configure L2TP ports with the server's IP address in the Phone number for this device setting on each VPN server.
Display Answer
Purchase Full Version:
70-291 Printable PDF Prep Guide $49.95 BUY NOW!
70-291 Test Simulation Engine $69.95 BUY NOW!
70-291 PDF & Test Simulation Engine $99.95 BUY NOW!
Answer: A
Explanation: IAS is the Microsoft implementation of a Remote Authentication
Dial-In User Service (RADIUS) server and proxy, which provides authentication
and accounting for network access. You should be configuring a separate remote
access policy for each VPN server. Since EliteCertify -SR24 runs Internet
Authentication service, you should configure a Client-IP-Address policy condition
for each VPN policy on it.
Incorrect answers:
B. Configuring a separate remote access policy for each VPN server is correct. But you
should be configuring a Client-IP-Address policy condition for each VPN policy on
EliteCertify -SR24 and not L2TP Tunnel-type remote access policy conditions.
C, D. Using a single remote access policy will not ensure that each VPN server implements a
different dial-in constraint. Whether it is PPTP ports or L2TP ports that are configured
with the server's IP address, it will not work in this case.
Reference:
Diana Huggins, Windows Server 2003 Network Infrastructure Exam Cram 2 (Exam
), Chapter 5
- Based on the latest 70-291 exam objectives!
- Designed like actual 70-291 exam questions!
- 100% Verified Realistic 70-291 Exam Questions and Answers!
- Exhibits, Drag&Drop and Simulation 70-291 Questions Included!
- Constantly Updated Guide to Reflect the Current 70-291 Exams!
- Detailed Explanations for Most Guide Practice Exams!
Sponsored Links
Demark
England
NY, USA
Keyword
