You need to create the physical design for the Active Directory and Network
Infrastructure for the new Stanford Finance network. To this end you need to
decide what type of traffic should be allowed to pass through the external firewall.
What should you do? (Each correct answer presents part of the solution. Choose
TWO)
A. Allow DNS, VPN, RPC and WINS traffic to pass through the external firewall.
B. Allow DNS, VPN and HTTP traffic to pass through the external firewall.
C. Allow POP3, SMTP and DHCP traffic to pass through the external firewall.
D. Allow HTTPS and SMTP traffic to pass through the external firewall.
E. Allow DNS and POP3 traffic to pass through the external firewall.
Answer: B, D
Explanation: it is stated in the scenario that:
1. We should therefore configure the firewalls to block all unauthorized traffic to both the
internal and external networks.
Therefore you should allow DNS, VPN, HTTP, HTTPS and SMTP traffic to pass
through the external firewall.
DNS - depending on the particular DNS implementation on the external network, you
could block or allow incoming DNS traffic through the external firewall.
Leading the way in IT testing and certification tools, www.certifyme.com
- 16 -
VPN - the Stanford Finance users with laptop workstation will make use of VPNs to
connect to the resources on the internal network
HTTP - the general public will use HTTP to connect to the Stanford Finance public Web
site.
HTTPS - the external network users will use HTTPS to connect to the Stanford Finance
secure Web site.
SMTP - this will be required for Internet e-mail delivery.
Incorrect answers:
A: This option is partly correct except for RPC and WINS traffic. RPC is a means of
interprocess communication which is commonly used within a protected environment,
not over the Internet.350-001 This will make the network vulnerable.640-802 Wins traffic should actually
be blocked since you should not allow Internet users the ability to resolve the NetBIOS
names of any of the computers on the internal or the external network.
C: This option is partly correct except for POP3 and DHCP traffic because POP3 is used
to retrieve mail and messages from mailboxes, and DHCP across the external firewall is
not a requirement.
E: This option is partly correct except for POP3 traffic that should not be allowed to pass
through the external firewall.VCP-310 POP3 is a protocol commonly used by e-mail clients for
retrieving messages from mailboxes.
Reference:
TechNet - IT solutions Microsoft Systems Architecture Version 2.0 - reference
Architecture Kit.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment