You are an Enterprise administrator for contoso.com. The corporate network of the company consists of a single Active Directory domain. The functional level of the domain is Windows Server 2008. All the servers and domain controllers in the domain run Windows Server 2008 and all client computers run Windows Vista.
The network contains three Network Policy Server (NPS) servers that are configured as Remote Authentication Dial-In User Service (RADIUS) servers. The servers are named as contosoServer1, contosoServer2, and contosoServer3. The contosoServer1 runs Microsoft SQL Server 2005.
The network also contains 30 wireless access points that are configured as a RADIUS client. Which of the following options would you choose to audit access to the wireless access points?
You need to ensure that the audit data is stored at a central location in a format that is simple to query and all RADIUS attributes and all RADIUS vendor-specific attributes are recorded.
Which of the following options would you choose to accomplish the desired task? (Select Two. Each correct answer will present a part of the answer.)
A.
Audit for account logon events on the domain controllers
B.
Configure RADIUS accounting by using SQL logging on each server
C.
Use contosoServer1 as the database for RADIUS accounting.
D.
Forward all security events from the NPS servers to contosoServer1.
E.
Audit for logon events on the NPS servers
F.
Forward all security events from contosoServer2 and contosoServer3 to contosoServer1.
Explanation:
To ensure that the audit data is stored at a central location in a format that is simple to query and all RADIUS attributes and all RADIUS vendor-specific attributes are recorded, you need to configure RADIUS accounting by using SQL logging on each server. Use contosoServer1 as the database for RADIUS accounting
The Internet Authentication Service (IAS) in Microsoft Windows Server is the Microsoft implementation of a RADIUS server and proxy server. As a RADIUS server, IAS performs centralized authentication, authorization, and accounting (AAA) of various types of network connections. As a RADIUS proxy server, IAS can forward RADIUS requests to another RADIUS server for AAA.
IAS can log to text logs or Microsoft SQL Server databases. Text based logging of RADIUS authentication and accounting information is disabled by default in IAS.
You need to use contosoServer1 as the database for RADIUS accounting because SQL server is installed on contosoServer1.
http://www.microsoft.com/technet/security/prodtech/windowsserver2003/pkiwire/PGCH05.mspx?mfr=true