Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Wind

ows Server 2008 R2 or Windows Server 2012.

All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.

All client computers receiv

e IP addresses by using DHCP.

You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:

Verify whether the client computers have up-to-date antivirus software.

Provides a warning to users who have virus

definitions that are out-of-date.

Ensure that client computers that have out-of-date virus definitions can connect to the network.

Which NAP enforcement method should you recommend?

A. DHCP

B. IPSec

C. VPN

D. 802.1x

Explanation:

NAP enforc

ement for DHCP

DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).

Using DHCP enforcement, DHCP servers and NPS can enforce health poli

cy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.

Note: T

he NAP health policy server can use a health requirement server to validate the health state of the NAP client or to determine the current version of software or updates that need to be installed on the NAP client.