Exercise 8-1: Viewing the IP Routing Table
2. At the command prompt, type route print, and then press ENTER. QUESTION What is the Netmask for the 10.1.0.0 Network Destination?
ANSWER
The Netmask is 255.255.0.0.
CHAPTER REVIEW QUESTIONS
1. You are the network administrator for Fabrikam, Inc. Fabrikam’s network consists of several subnets. Current network users require access to only the company intranet and other internal company resources such as file shares and printers. Fabrikam, Inc., recently hired a team of developers who will be joining your network and whose connectivity requirement you must support. Which of the following options would require you to implement a routing solution for the new developer team? Choose all that apply.
a. The developer team needs corporate connectivity, but its test appli-cations must be isolated from the rest of the network.
b. The developer team uses Internet access to connect to the corporate network.
c. The developer team does not require Internet access, and its test applications do not require corporate connectivity.
d. Source code repositories must be encrypted when stored and accessed across the network.
ANSWER
a and b. Answer a is correct. This solution requires a separate subnet to isolate the traffic to the test applications and requires a routing solution to connect the two networks. Answer b is correct. This solution requires a routing solution to con-nect the two networks, the Internet, and the corporate network. Answer c is incor-rect. Because there is no requirement for separate networks/subnets, no routing solution is required. Answer d is incorrect. Encryption by itself does not require a routing solution.
34 TEXTBOOK CHAPTER 8 ANSWERS: CONFIGURING ROUTING BY USING ROUTING AND REMOTE ACCESS
2. You are the network administrator for Fabrikam, Inc. Fabrikam’s network consists of several subnets. Current network users require access to only the company intranet and other internal company resources such as file shares and printers. Fabrikam, Inc., recently hired a team of developers who will be joining your network and whose connectivity requirements you must support. Which of the following options would require you to determine a packet-filtering solution for the new developer team? Choose all that apply.
a. The developer team needs full corporate connectivity, but its test applications must be isolated to only specific test computers.
b. The developer team needs corporate connectivity, but its test appli-cations must be completely isolated from users on the rest of the net-work.
c. The developer team does not require Internet access and its test applications do not require corporate connectivity.
d. The developer team uses a predetermined unique protocol to test its applications.
ANSWER
a and d. Answer a is correct. Because you must isolate specific computers, you can configure packet filtering to filter for the individual IP addresses of the test computers. Answer d is correct. Because the developer team uses a predeter-mined unique protocol, you can configure packet filtering to filter for the specific protocol. Answer b is incorrect. You cannot filter for an individual account. Answer c is incorrect. A packet-filtering solution has no impact on this scenario.
3. Over the past several weeks, users have intermittently complained that they were unable to connect to the VPN server. You examine the network logs and determine that each of the complaints occurred when network usage was peaking. You have ruled out addressing as the cause. What is the most likely reason for the intermittent access problems?
ANSWER
At peak usage, the number of VPN users attempting to connect exceeds the number of available VPN ports.
4. You have configured your remote access server to distribute addresses to remote access clients through a DHCP server. However, you find that your remote access clients assign themselves with only APIPA addresses.
Name two possible causes of this scenario.
ANSWER
1. A DHCP server is not available on the network segment, and a DHCP relay agent has not been configured.
2. The DHCP server did not have 10 free addresses in its scope when the Routing and Remote Access server started up.
TEXTBOOK CHAPTER 8 ANSWERS: CONFIGURING ROUTING BY USING ROUTING AND REMOTE ACCESS 35
5. Fabrikam, Inc., recently deployed smart cards to employees who require remote access to the corporate network. Which authentication protocol must you use to support the use of smart cards?
ANSWER EAP-TLS.
6. Fabrikam, Inc., management wants to ensure that data transferred during remote access are encrypted. Which authentication protocols provide data encryption?
ANSWER
EAP-TLS, MS-CHAP v2, and MS-CHAP v1.
7. You have recently created a new domain in a Windows Server 2003 net-work, and the domain functional level is Windows 2000 mixed. How is the Allow Access setting in the dial-in properties of a user account differ-ent in this environmdiffer-ent from that in other server environmdiffer-ents?
ANSWER
In Windows 2000 mixed-mode domains, the Allow Access setting does not override the access permission set in the remote access policy. In other server environments, the Allow Access setting does override the access permission configured in the remote access policy.
8. You are troubleshooting a failed remote access connection. You verify that the user account’s dial-in properties are set to Allow Access and that the first matching remote access policy is set to Grant Remote Access Per-mission. The client still cannot connect. What should you check next?
ANSWER
You should check the remote access policy profile. Constraints configured in the remote access policy profile, such as allowed dial-up hours, are preventing the con-nection from being established.
36 TEXTBOOK CHAPTER 8 ANSWERS: CONFIGURING ROUTING BY USING ROUTING AND REMOTE ACCESS