Home > Sample chapters

Upgrading Your Skills to MCSA Windows Server 2012 R2: Configure Network Services and Access

Answers

This section contains the answers to the Objective Review and the Thought Experiment.

Objective 6.1: Review

  1. Correct answer: C

    1. Incorrect: In Windows Server 2012 R2 and Windows 8.1, Kerberos can be used in place of a computer certificate.
    2. Incorrect: A user certificate is not required to establish a DirectAccess connection.
    3. Correct: DirectAccess connections are based on IPv6 communication. If the DirectAccess client cannot obtain a global IPv6 address from its environment, the client must obtain one with the aid of an IPv6 transition technology.
    4. Incorrect: IPv4 communication is not required for DirectAccess.
  2. Correct answer: B

    1. Incorrect: If only desktop computers and virtual machines are having trouble connecting through DirectAccess, this setting is most likely already enabled.
    2. Correct: This command would disable the setting that limits DirectAccess connectivity to mobile computers only.
    3. Incorrect: This setting would force all traffic from the client to pass through the DirectAccess connection. It would not help desktop and virtual computers establish a DirectAccess connection.
    4. Incorrect: This setting would remove the requirement that clients force all traffic to pass through the DirectAccess connection. It would not help desktop and virtual computers establish a DirectAccess connection.
  3. Correct answer: A

    1. Correct: This command would deploy DirectAccess for remote management only.
    2. Incorrect: This command would deploy full DirectAccess for client access and remote management.
    3. Incorrect: This command would require NAP health checks on DirectAccess clients. It would not configure DirectAccess clients for management only.
    4. Incorrect: This command would disable NAP health checks on DirectAccess clients. It would not configure DirectAccess clients for management only.

Thought experiment

  1. You can configure the NPRT so that the four internal Fabrikam.com resources are associated with internal DNS servers.
  2. You can enable a multisite deployment. You first need to make sure that the DirectAccess servers are running Windows Server 2012 or later, that the clients are running Windows 8 or later, and that your company has deployed a PKI.
  3. Configure a DNS suffix search list in the Infrastructure Server Setup for the DirectAccess deployment for the Na.fabrikam.com domain.
  4. You can consider virtual smart cards or OTPs.