Your network contains an Active Directory domain named contoso.com. The domain contains servers that run either Wind
ows Server 2008 R2 or Windows Server 2012.
All client computers on the internal network are joined to the domain. Some users establish VPN connections to the network by using Windows computers that do not belong to the domain.
All client computers receiv
e IP addresses by using DHCP.
You need to recommend a Network Access Protection (NAP) enforcement method to meet the following requirements:
Verify whether the client computers have up-to-date antivirus software.
Provides a warning to users who have virus
definitions that are out-of-date.
Ensure that client computers that have out-of-date virus definitions can connect to the network.
Which NAP enforcement method should you recommend?
A. DHCP
B. IPSec
C. VPN
D. 802.1x
Explanation:
NAP enforc
ement for DHCP
DHCP enforcement is deployed with a DHCP Network Access Protection (NAP) enforcement server component, a DHCP enforcement client component, and Network Policy Server (NPS).
Using DHCP enforcement, DHCP servers and NPS can enforce health poli
cy when a computer attempts to lease or renew an IP version 4 (IPv4) address. However, if client computers are configured with a static IP address or are otherwise configured to circumvent the use of DHCP, this enforcement method is not effective.
Note: T
he NAP health policy server can use a health requirement server to validate the health state of the NAP client or to determine the current version of software or updates that need to be installed on the NAP client.