Your company has a main office and is adding a branch office. The main office and the new branch each have an ISA Server 2006 computer. You want to connect the main office and the branch office networks by using a site-to-site VPN. You create a site-to-site VPN connection that connects the office networks by using the L2TP over IPSec VPN protocol. Computer certificates are installed on the ISA Server computer at each office. When you create the remote site network on each ISA Server computer, you configure it to use certificates and a preshared key. At each office, the preshared key is configured as the office name on the ISA Server computer at that office.
From the ISA Server computer at the main office, you repeatedly run the ping command to a host on the branch office network. The site-to-site VPN fails. You open the Routing and Remote Access console and manually dial the demand-dial interface. You receive the following error message: The last connection attempt failed because: The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer.
You need to enable the site-to-site VPN connection by using the most secure IPSec authentication method possible.
What should you do?

Your network contains an ISA Server 2006 computer named ISA1. The relevant portion of the network is configured as shown in the exhibit.
When you installed ISA Server 2006 on ISA1, you defined the Internal network address range as 10.0.1.0 through 10.0.1.255.
You create an access rule to allow all traffic from the Internal network to the External network. Users are not required to be authenticated to use this rule. Users on network IDs 10.0.2.0/24 and 10.0.3.0/24 report that they cannot connect to the Internet.
You examine the routing tables on the router and on ISA1 and confirm that they are correctly configured.
You need to ensure that users on network IDs 10.0.2.0/24 and 10.0.3.0/24 can connect to the Internet.
What should you do?

Your network contains an ISA Server 2006 computer named ISA1, which runs Windows Server 2003. ISA1 has three network adapters. Each adapter is connected to one of the following:
Internal network, perimeter network, and Internet. All administrative hosts exist in the Internal network.
You create a file named C:AlertsNetworkAlert.cmd. The NetworkAlert.cmd uses net.exe to send the following message to all administrative computers: Problem with network connectivity on ISA1.
You enable the default Network configuration changed alert. You add a custom alert named Network Connectivity. The properties of the Network Connectivity alert are configured as shown in the Alert Events exhibit and the Alert Actions exhibit.
You test the Network Connectivity alert by disabling the ISA1 network adapter that is connected to the perimeter network. You see the corresponding alert in both the Alerts view and the application log of Event Viewer. However, the message is not received on any of the administrative computers.
You need to ensure that the administrative computers receive the text message when the Network Connectivity alert is triggered. You also need to be able to test the alert by disabling the perimeter network adapter on ISA1.
What should you do?

You are the administrator of an ISA Server 2006 computer named ISA1. ISA1 is configured to publish two Web sites named www.fabrikam.com and www.contoso.com. Both Web sites are located on a Windows Server 2003 computer named Server1. The IP address of Server1 is 10.0.0.2.
The Web publishing rules are configured as shown in the following display.
Both the www.fabrikam.com/info and www.contoso.com/info virtual directories point to a common file share.
The default log view does not allow you to easily distinguish between requests for www.fabrikam.com/info and requests for www.contoso.com/info. A sample of the log with the relevant entries is shown in the following table.
You need to ensure that the log viewer displays the fully qualified domain names (FQDNs) for the Web site requests. In addition, you need to filter the log viewer to display only the requests for both the www.contoso.com/info and the www.fabrikam.com/info virtual subdirectories.
What should you do?

Your network contains an ISA Server 2006 computer named ISA1. The IP address bound to the external network adapter of ISA1 is 192.168.100.141. You run the netstat Cna command on ISA1. The relevant portion of the output is shown in the following table.
You need to be able to quickly verify whether ISA1 is allowing traffic to TCP port 139. What should you do?

You are the administrator of an ISA Server 2006 computer named ISA1. ISA1 has two network adapters. Access rules allow users on the Internal network to have HTTP access to the Internet.
You add a third network adapter to ISA1 and connect the third network adapter to a perimeter network.
You place a Web server named WebServer2 on this perimeter network segment. WebServer2 must be accessible to computers on the Internal network. You create a computer object for WebServer2 and then create an access rule that allows Internal network clients HTTP access to WebServer2.
Users are not required to authenticate with ISA1 to access WebServer2. Users report that they cannot access information on WebServer2. When they attempt to access the Web site, they receive the following error message: Error Code 10060: Connection timeout. Background:
There was a time out before the page could be retrieved. This might indicate that the network is congested or that the website is experiencing technical difficulties. You need to ensure that users on the Internal network can access information on WebServer2.
First, you verify that WebServer2 is operational.
What should you do next?

Your network consists of a single Active Directory domain. You have a single server that runs ISA Server 2006.
The server is configured as a firewall and as a Web proxy. The network contains 300 desktop client computers. All client computers are joined to the domain. Users only have user level privileges on their computers. The internal network is configured to accept Web Proxy connections and Firewall client connections.
You need to deploy Firewall Client for ISA Server to all the desktop client computers. You must achieve this goal by using the minimum amount of administrative effort.
What should you do?

Your company has a main office and a branch office. Each office has an IT staff. Each office contains an ISA Server Enterprise Edition array that provides firewall and proxy services. You create two security groups named MainIT and BranchIT. You add the user accounts for the IT staff from the main office to the MainIT group. You add the user accounts for the IT staff from the branch office to the BranchIT group.
You need to configure the security of your ISA Server environment to meet the following requirements:
Give the IT staff in the main office full administrative access to both ISA Server arrays. Allow IT staff in the branch office to view firewall rules for the branch office ISA Server array. Prevent IT staff in the branch office from changing the configuration of the branch office ISA Server array.
Prevent IT staff in the branch office from accessing the configuration of the main office ISA Server array.
What should you do?

You have a computer named ISA1 that runs ISA Server 2006 Standard Edition. You have reports that contain information about Web usage and Security content. You need to give a support technician the ability to create alerts definitions. You must achieve this goal while providing the minimum permissions possible. Which rights should you assign to the support technician?

Your network contains a server that runs ISA Server 2006. The ISA Server provides firewall services. The server also segments the internal network. A DHCP server assigns the IP configuration to all client computers in the network. You manually assign the IP configuration to all servers in the network. The ISA Server is the default gateway for the internal network.
Users report that when they try to connect to the Internet they lose their connection or the connection is very slow.
When you run a network trace you notice that some computers lose the connection to the network when a large number of TCP sessions are established in a short space of time. You also notice that the TCP packet header sequence numbers are different after passing through the ISA Server.
You need to resolve the connectivity issues.
What should you do?