New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Review Sheet

by: Alfreda Wisoky III

Review Sheet Review Sheet

Alfreda Wisoky III
Weber State University
GPA 3.61

Bus Educ

Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Bus Educ
Class Notes
25 ?




Popular in Course

Popular in Telecommunication

This 4 page Class Notes was uploaded by Alfreda Wisoky III on Wednesday October 28, 2015. The Class Notes belongs to Review Sheet at Weber State University taught by Bus Educ in Fall. Since its upload, it has received 23 views. For similar materials see /class/230814/review-sheet-weber-state-university in Telecommunication at Weber State University.

Similar to Review Sheet at Weber State University


Reviews for Review Sheet


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 10/28/15
70299 MCSE Guide to Implementing and Administering Security in a Windows Server 2003 Network 101 Chapter 10 Solutions Review Questions 1 9 gt V 0 gt1 00 0 O i i H 19 L 4 H V 0 Which of the following secure Internet communication uses port Answer b Which are not elements of SSL communication Choose all that apply Answer b c d Which encryption protocol is only used by lIicrosoft clients and servers Answer c Which of the following are forms of EAP authentication Choose all that apply Answer b c Which tunneling protocol is only used with Windows 2000 Professional and newer clients Answer c Which of the following may be used in multifactor authentication Choose all that apply Answer a bd Which tunneling protocol may have issues being used through a NAT Answer Which of the following ports on a firewall should be open to allow for LZTPIPSec inbound or outbound tunneling Choose all that apply Answer b c d Which of the following ports on a firewall should be open to allow for PPTP inbound or outbound tunneling nswer a Which authentication protocol sends the user s credentials in clear text Answer Which Microsoft clients support MSCHAPvZ on Dial up connections Choose all that apply Answer bc Smart cards use which of the following types of EAP authentication Answer a Which tool provides a wizard that can assist you in building profiles and proxy settings that are customized for your users to either dialin with or use over a VPN Answer Which of the following components of Remote Access Policy are checked at the beginning of a session Answer a d Which type of Internet communication is secured using digital certificates Answer a Which of these are settings in a CMAK are custom actions Choose all that apply Answer a b c 70299 MCSE Guide to Implementing and Administering Security in a Windows Server 2003 Network 102 17 Which are ways to distribute your client configuration once you have completed the CMAK service profile Choose all that apply Answer a b 00 Which of the following authentication protocols can be used by all clients no matter what operating system they are using Answer c O Which of the following can you use SSL to encrypt Choose all that apply Answer a c N O Which of the following are some general rules that apply for using Web certificates Choose all that apply Answer 21 VPNs use a combination of which of the following technologies to create secure connections Choose all that apply Answer b c d N N The security and renewal requirements for your certificates should be based on which of the following factors Choose all that apply Answer a c N L If multiple policies are configured they will be processed in which of the following orders Answer c N 4 Windows Server 2003 supports which of the following VPN protocols Answer a N Lquot Which of the following are benefits of using a VPN Choose all that apply Answer a b d Activities Activity 10 1 The purpose of the activity is to have the students learn how to use the lpdexe command to check LDAP communication over port 636 and 3269 Note lLicrosoft Support Tools must be installed to complete Activity 10l Activity 10 2 The purpose of the activity is to have the students learn how to configure your server for SSL certificates using the HS Manager tool Note Active Directory HS and Certificate services need to be installed on the machine They should have already done this in previous chapters Activity 10 3 The purpose of the activity is to have the students verify that the certificate they requested in the last activity was indeed issued import it and learn how to configure their server to accept client SSL certificates and verify them against a certificate trust list using the HS Manager tool Activity 10 4 The purpose of the activity is to have the students learn how to enable Routing and Remote Access to use MS CHAP v2 for dial1n connection authentication Activity 10 5 70299 MCSE Guide to Implementing and Administering Security in a Windows Server 2003 Network 103 The purpose of the activity is to have the students learn how to enable Routing and Remote Access to use the server as a Activity 10 6 The purpose of the activity is to have the students learn how to create and configure a new remote access policy Activity 10 7 The purpose of the activity is to have the students learn how to install and use the CMAK to create a service profile for VPN users Note lIicrosoft Baseline Security Analyzer must be installed to complete Activity 107 Case Projects Case Project 10 1 The ChallengeHandshake Authentication Protocol CHAP can be used to provide ondemand authentication within an ongoing data transmission CHAP uses a oneway hashing function that first involves a service requesting a CHAP response from the client The client creates a hashed value that is derived using the message digest MDS hashing algorithm and sends this value to the service which also calculates the expected value itself The server referred to as the authenticator compares these two values and if they match the transmission continues This process is repeated at random intervals during a session of data transaction In other words the remote access server knows the password but it does not ask the client for the password Instead the remote access server sends a challenge message that is encrypted so that the client will only be able to decrypt the challenge if the client actually has the password The client then decrypts the challenge using its password and a hash algorithm after which the client sends the result back to the server The server compares the result with its own decryption of the challenge using the same password Microsoft Challenge Handshake Authentication Protocol uses the same type of challengeresponse mechanism as CHAP but it uses a nonreversible encrypted password Since Windows 95 clients support MSCHAP v2 for virtual private networking VPN connections but not for dial up connections MSCHAP v2 is not an option Case Project 10 2 Microsoft Challenge Handshake Authentication Protocol version 2 uses a challenge response mechanism but it is much more sophisticated than that of MSCHAP With MSCHAP v2 the server must first prove to the client that it knows the correct password that the client should send Then the client answers the challenge of the server to provide the proof that it has the password During this process separate cryptographic keys are generated for transmitted and received data during the authentication process MSCHAP v2 is supported by client computers running Windows XP Windows 2000 Windows 98 Windows Mllennium Edition ME and Windows NT version 40 A dialup connection typically uses MSCHAP v2 as the user authentication method to authenticate the router along with MPPE for data encryption Case Project 10 3 Layer Two Tunneling Protocol is extension of the PPP protocol created by combining the best qualities of PPTP and Layer 2 Forwarding LZF L2TP is a Datalink extension of PPP that sets up a single pointtopoint connection between two computers L2TPIPSec provides data integrity data origin authentication data confidentiality and replay protection for each packet Since L2TP defines its own tunneling protocol it requires support on the routers of the ISP but it can encapsulate PPP packets for transmission over protocols like X25 Frame Relay and ATM tunnels It is protocol independent and includes an authentication mechanism For LZTPIPSec connections you can use any user authentication protocol because the authentication occurs after the VPN client and VPN server have established a secure communication channel Case Project 10 4 In order to encrypt confidential information exchanged between the Web server and the client the Secure Sockets Layer SSL protocol can be used with IIS 60 SSL is a public keybased security protocol that is used by Internet services and clients for authentication message integrity and confidentiality The SSL process uses certificates for authentication and encryption for message integrity and confidentiality In order to establish encrypted communications using SSL you must have a valid server certificate installed Certificates include keys that are used 70299 MCSE Guide to Implementing and Administering Security in a Windows Server 2003 Network 104 to establish an SSLencrypted connection The certificatebased SSL features in HS consist of a server certificate a client certificate and various digital keys The World Wide Web Publishing Service WWW service on your Web server uses a key pair to negotiate an encrypted connection with the client browser You can use Certificate Services to create certificates or you can obtain certificates from a mutually trusted thirdparty organization called a certification authority CA This process can be used with both the Hypertext Transfer Protocol over Secure Sockets Layer HTTPS and the LDAPS protocols Encryption is used to protect the private information that clients exchange with a server such as credit card numbers or phone numbers When you enable SSL encryption you can prevent unauthorized individuals from understanding the original content of your transmissions Encrypted transmissions can significantly reduce transmission rates and server performance therefore to maintain the performance level of your Web server consider using SSL encryption only for sensitive information such as financial transactions Case Project 10 5 CMAK is a wizard that guides you through the process of building profiles customized for your business You can use CMAK to fully customize a connection and provide additional functionality for a user There are many new features on the CMAK wizard for Windows Server 2003 including the following I Provide routing table updates that only apply while clients are connected to your server split tunneling I Automatically configure Internet Explorer proxy settings for a client computer I Enable clients to choose which VPN server to use when they make a connection I Automatically run applications on the client computer or on the server at the time of the I connection You can create a prepackaged and preconfigured dialup client connection for installation on your users computers Large remote access deployments can be complex and difficult to manage without tools to centrally configure dialup clients Using the CMAK can automate the client configuration process and eliminate the need for clients to configure separate connections and manage separate logins There are several ways to distribute your client configuration once you have completed the service profile I Distribute CDs or floppy disks containing your selfinstalling Connection Manager package Send a service profile through email to your users Set up a Web site where users can download the service profile Install the service profile on each client individually Use a combination of distribution method


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Steve Martinelli UC Los Angeles

"There's no way I would have passed my Organic Chemistry class this semester without the notes and study guides I got from StudySoup."

Kyle Maynard Purdue

"When you're taking detailed notes and trying to help everyone else out in the class, it really helps you learn and understand the I made $280 on my first study guide!"

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"

Parker Thompson 500 Startups

"It's a great way for students to improve their educational experience and it seemed like a product that everybody wants, so all the people participating are winning."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.