You are the network administrator for AccuTrak Distributors. The - ProProfs Discuss
Topics
Products
Follow Us:

You are the network administrator for AccuTrak Distributors. The network contains Windows XP Professional and Windows Server 2003 computers in a single Active Directory, named accudist.com. A Windows Server 2003 computer named RAS1 is configured as a router and connected to several branch offices. You have implemented IPSec routing through RAS1. You must ensure that all packets routed through RAS1 are using IPSec. The company security policy states that the data portion of all packets passing through RAS1 must be encrypted. You must ensure that mutual authentication IPSec is not used. What should you do?



A. Use Network Monitor on RAS1. Capture all packets, and filter the packets based on the Internet Protocol (IP).
B. Use Network Monitor on RAS1. Capture all packets, and filter the packets based on the Layer Two Tunneling protocol (L2TP).
C. Use Network Monitor on RAS1. Capture all packets, and filter the packets based on the Authentication Header (AH) protocol.
D. Use Network Monitor on RAS1. Capture all packets, and filter the packets based on the Encapsulating Security Payload (ESP) protocol.

This question is part of

Microsoft 70-291 Practice Exam
Asked by Zachary, Last updated: Apr 26, 2020

+ Answer
Request

1 Answer

John Smith

John Smith

Answered Sep 08, 2016

Use network monitor on ras1. capture all packets, and filter the packets based on the authentication header (ah) protocol. -explanation: you should use network monitor on ras1, capture all packets, and filter the packets based on the authentication header (ah) protocol. the ah protocol is an ipsec protocol that is used to configure ipsec for mutual authentication only. it does not perform any encryption. as a result, any packets using ah would not fit the companys security policy. after you identified the computers using ah, you could configure them to comply with the companys security policy. you should not use network monitor on ras1, capture all packets, and filter the packets based on the internet protocol (ip). this will simply display all ip traffic. ip traffic is not ipsec traffic. you should not use network monitor on ras1, capture all packets, and filter the packets based on the layer two tunneling protocol (l2tp). this will simply display all l2tp traffic. the scenario said nothing about using l2tp over ipsec. you should not use network monitor on ras1, capture all packets, and filter the packets based on the encapsulating security payload (esp) protocol. the esp protocol is an ipsec protocol that is used to configure ipsec for data encryption. this configuration would simply show you all the packets that are using ipsec as expected. it would not show you the packets that are using the incorrect form of ipsec.
 

Search for Google images
Select a recommended image
Upload from your computer
Search for Google images
Select a recommended image
Upload from your computer
Search for Google images
Select a recommended image
Upload from your computer

Email Sent
We have sent an email to your address "" with instructions to reset your password.