Installing, Configuring, and Troubleshooting the NPS Role / Implementing NAP Flashcards Preview

MCSA 70-411 - Global Knowledge > Installing, Configuring, and Troubleshooting the NPS Role / Implementing NAP > Flashcards

Flashcards in Installing, Configuring, and Troubleshooting the NPS Role / Implementing NAP Deck (30)
Loading flashcards...
1
Q
  1. What is a RADIUS Client
  2. What is a RADIUS Server?
A
  1. VPN Server
  2. RADIUS Authentication Server
2
Q

What does the PowerShell CmdLet Do?

Export-NpsConfiguration

A

Exports NPS settings.

3
Q

What does the PowerShell CmdLet Do?

Get-NpsRadiusClient

A

Gets RADIUS clients.

4
Q

What does the PowerShell CmdLet Do?

Get-NpsRemediationServer

A

Retrieves a list of remediation servers from a remediation server group.

5
Q

What does the PowerShell CmdLet Do?

Get-NpsRemediationServerGroup

A

Retrieves all remediation server groups from a Network Policy Server.

6
Q

What does the PowerShell CmdLet Do?

Get-NpsSharedSecretTemplate

A

Returns a list of available shared secret templates.

7
Q

What does the PowerShell CmdLet Do?

Import-NpsConfiguration

A

Imports NPS settings.

8
Q

What does the PowerShell CmdLet Do?

New-NpsRadiusClient

A

Creates a RADIUS client.

9
Q

What does the PowerShell CmdLet Do?

New-NpsRemediationServer

A

Creates a remediation server.

10
Q

What does the PowerShell CmdLet Do?

New-NpsRemediationServerGroup

A

Creates a remediation server group.

11
Q

What does the PowerShell CmdLet Do?

Remove-NpsRadiusClient

A

Removes a RADIUS client.

12
Q

What does the PowerShell CmdLet Do?

Remove-NpsRemediationServer

A

Removes a remediation server from a remediation server group.

13
Q

What does the PowerShell CmdLet Do?

Remove-NpsRemediationServerGroup

A

Removes a remediation server group from an NPS.

14
Q

What does the PowerShell CmdLet Do?

Set-NpsRadiusClient

A

Specifies configuration settings for a RADIUS client.

15
Q

What is a RADIUS Server (NPS) ?

A

A central connection for authentication, authorization, and accounting for wireless autheticationg, switch, dialup, and VPN connections

16
Q

What is a RADIUS Proxy?

A

a Server that is configured with connection request policies that indicate which connection request the NPS Server will foward the connection request to.

It can also be used for providing authentication & autherization for non AD members or by using a non Windows Database

17
Q

What is a NAP Policy Server?

A

A NAP Policy server is a what evaluates the statement of health sent by NAP cable client computers attempting to connect to the network

18
Q

What does the following cmd do?

NETSH

A

Netsh is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a currently running computer.

19
Q

What does RADIUS stand for?

A

Remote Authentication Dial-In User Service protocol

20
Q

What does the NPS (Network Policy Server) provide?

A

It provides the following:

  • RADIUS Server
  • RADIUS Proxy
  • NAP (Network Access Protection)
21
Q

Please describe the following NPS Functions:

  • RADIUS Server
  • RADIUS Proxy
  • NAP Policy Server
A
  • RADIUS Server
    • NPS performs centeralized connection authentication, authorization, and account for wireless, switch, & dial-up/VPN connections
  • RADIUS Proxy
    • You configure connection request policies that indicate which connection requests the NPS server will forward to other RADIUS servers and to which RADIUS server you want to forward connection requests
  • NAP Policy Server
    • NPS evaluates statements of health sent by NAP-cable client computers that attempt to connect to the network
22
Q

What is local vs RADIUS authentication?

A
  • Local authentication takes place against the local security account DB or AD DS
  • RADIUS authentication forwards the connection request to a RADIUS server for authentication
23
Q

What ports are used for authentication and accouting for RADIUS?

What about legacy RADIUS?

A
  • 1812 for authentication and 1813 for accounting
  • 1645 for authentication and 1646 for accounting
24
Q

What are the requirements for certificates based authentication in NPS?

A
  • CA certificate
  • Client computer certificate
  • Server certificate
  • User certificate
25
Q

NPS Authentication

Is a CA certificate required for EAP-TLS/PEAP-TLS?

Is a CA certificate required for PEAP-MS-CHAPv2?

A
  • Yes. The CA certificate is enrolled automatically for domain member computers. For nondomain member computers, you must import the certificate manually into the certificate store.
26
Q

NPS Authentication

Is a Client computer certificate required for EAP-TLS/PEAP-TLS?

Is a Client computer certificate required for PEAP-MS-CHAPv2?

A
  • Yes. Client computer certificates are required unless user certificates are distributed on smart cards. Client certificates are enrolled automatically for domain member computers. For nondomain member computers, you must import the certificate manually or obtain it with the Web- enrollment tool.
  • No, user authentication is performed with password-based credentials not certificates
27
Q

NPS Authentication

Is a Server Certificate required for the NPS Server for EAP-TLS/PEAP-TLS?

Is a Server Certificate required for the NPS Server for PEAP-MS-CHAPv2?

Why?

A
  • Yes

Why: The NPS server sends the server certificate to the client computer. The client computer uses the certificate to authenticate the NPS server.

28
Q

NPS Authentication

Is a User Certificate required for EAP-TLS/PEAP-TLS?

Is a User Certificate required for PEAP-MS-CHAPv2?

A
  • Yes
  • No
29
Q

What are the different types of accouting or logging in NPS?

A
  • Event Logging
  • Loggin user authentication and account requests
30
Q

How would you configure a NPS Server? No Roles have been installed

A
  • Install the Network Policy and Access Services Role from server manager or PowerShell
  • Register the NPS Server with AD
    • Open the Network Policy Server
    • Right-Click the NPS (Local), Select Register Server in Active Directory
      *