Determining Where Trust Relationships Are Necessary
In this practice, you will examine requirements for CompTIA A+ certification multiple demand-dial VPNs. Your objective is to discover where it might be necessary to develop a trust relationship. Read the scenario and then answer the question that follows. If you are unable to answer the question, review the lesson materials and try the question again. You can find the answer to the questions in the “Questions and Answers” section at the end of the chapter.
Scenario
You are the security administrator for Humongous Insurance. All tunnels are remote access VPNs. The company has decided to improve security between all sites by pro?viding site-to-site VPNs. The tunnel administrator has set up the VPN routers and con?figured the demand-dial interfaces, but some sites cannot connect to others. You have the following information to work with: a sketch of the necessary site-to-site VPNs (Fig?ure 7-18) and a table that lists the trust relationships that are necessary.
Data centers for each agency are managed by the agency. Each data center includes MCITP study guides free download, Windows 2000 computers, and a variety of other operating systems. (Some data centers include UNIX systems, AS 4000, IBM mainframes, or all of these.) Employees at the agency headquarters are using Windows XP Professional. Salespeople and telecommuting employees have a variety of desktop and laptop systems running Windows 98 second edition, Windows 2000 Professional, and Windows XP Professional.
Regardless of whether the VPN server is located behind the firewall or in front of it, you should configure the firewall to open only the required ports and configure the VPN server to protect itself by allowing only VPN traffic on its external network interface.
Know which ports are required for VPN protocol access through the firewall.
You configure remote access account lockout by using the registry. This has no relationship to Account Lockout in the Group Policy Account Policy settings.
Processing your request, Please wait....
