READ Free Dumps For Microsoft- 70-410
Question ID 8983 | Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2.
Server2 establishes an IPSec connection to Server1.
You need to view which authentication method was used to establish the initial IPSec connection. What should you do?
|
Option A | From Windows Firewall with Advanced Security, view the quick mode security association.
|
Option B | From Event Viewer, search the Application Log for events that have an ID of 1704
|
Option C | From Event Viewer, search the Security Log for events that have an ID of 4672.
|
Option D | From Windows Firewall with Advanced Security, view the main mode security association.
|
Correct Answer | D |
Explanation Explanation/Reference: Main mode negotiation establishes a secure channel between two computers by determining a set of cryptographic protection suites, exchanging keying material to establish a shared secret key, and authenticating computer and user identities. A security association (SA) is the information maintained about that secure channel on the local computer so that it can use the information for future network traffic to the remote computer. You can monitor main mode SAs for information like which peers are currently connected to this computer and which protection suite was used to form the SA. To get to this view In the Windows Firewall with Advanced Security MMC snap-in, expand Monitoring, expand Security Associations, and then click Main Mode. The following information is available in the table view of all main mode SAs. To see the information for a single main mode SA, double-click the SA in the list. Main mode SA information You can add, remove, reorder, and sort by these columns in the Results pane: Local Address: The local computer IP address. Remote Address: The remote computer or peer IP address. 1st Authentication Method: The authentication method used to create the SA. 1st Authentication Local ID: The authenticated identity of the local computer used in first authentication. 1st Authentication Remote ID: The authenticated identity of the remote computer used in first authentication. 2nd Authentication Method: The authentication method used in the SA. 2nd Authentication Local ID: The authenticated identity of the local computer used in second authentication. 2nd Authentication Remote ID: The authenticated identity of the remote computer used in second authentication. Encryption: The encryption method used by the SA to secure quick mode key exchanges. Integrity: The data integrity method used by the SA to secure quick mode key exchanges. Key Exchange: The Diffie-Hellman group used to create the main mode SA. Reference: http://technet.microsoft.com/en-us/library/dd448497(v=ws.10).aspx
Question ID 8984 | Your network contains an Active Directory domain named contoso.com. All of the AppLocker policy settings for the member servers are configured in a Group Policy object (GPO) named GPO1.
A member server named Server1 runs Windows Server 2012 R2.
On Server1, you test a new set of AppLocker policy settings by using a local computer policy. You need to merge the local AppLocker policy settings from Server1 into the AppLocker policy settings of GPO1.
What should you do?
|
Option A | From Local Group Policy Editor on Server1, export an .inf file. Import the .inf file by using Group Policy Management Editor.
|
Option B | From Server1, run the Set-ApplockerPolicy cmdlet.
|
Option C | From Local Group Policy Editor on Server1, export an .xml file. Import the .xml file by using Group Policy Management Editor.
|
Option D | From Server1, run the New-ApplockerPolicy cmdlet.
|
Correct Answer | B |
Explanation Explanation/Reference: The Set-AppLockerPolicy cmdlet sets the specified Group Policy Object (GPO) to contain the specified AppLocker policy. If no Lightweight Directory Access Protocol (LDAP) is specified, the local GPO is the default. When the Merge parameter is used, rules in the specified AppLocker policy will be merged with the AppLocker rules in the target GPO specified in the LDAP path. The merging of policies will remove rules with duplicate rule IDs, and the enforcement setting specified by the AppLocker policy in the target GPO will be preserved. If the Merge parameter is not specified, then the new policy will overwrite the existing policy. References: http://technet.microsoft.com/en-us/library/ee791816(v=ws.10).aspx Exam Ref 70-410: Installing and configuring Windows Server 2012 R2, Chapter 10: Implementing Group Policy, Lesson1: Planning, Implementing and managing Group Policy, p. 479