Server FS1 contains confidential data that is only available to users in the Payroll department. Chad wants all computers in the Payroll department to connect to FS1 using an IPSec policy. He assigns the Server (Request Security) IPSec policy to FS1.
Using Network Monitor, Chad notices that some computers in the Payroll department connect to FS1 without IPSec policy. What should Chad do to configure FS1 to ensure that all computers connect to it by using the IPSec policy?
Explanation
Answer - B - To ensure that all computers connect to FS1 by using the IPSec policy, assign the Secure Server (Require Security) IPSec policy.
Key Takeaway: The three predefined IPSec policies you can choose from are Client (respond only), Server (request security), and Secure Server (require security). The Client policy is used if you do not want IPSec to be used unless the server with which you are communicating requests it. The Server policy causes the computer to try to negotiate an IPSec connection, but if the server on the other end doesn’t support IPSec or is not configured to use it, your computer will still communicate via unsecured communications.
The Secure Server policy is used if you want the computer to send and accept IPSec secured communications only. If the computer on the other end can’t use IPSec, your computer will reject all traffic from it. This is the most secure security setting associated with an IPSec policy.
