Your network contains an Active Directory named contoso.com.
The domain contains the computers configured as shown in the following table.
Server1 has a share named Share1 with the following configurations:-
Server1, Computer1, and Computer2 have the connection security rules configured as shown in follow:-
For each of the following statements are true? Choose Three.
A.
When Computer1 accesses Share1, SMB encryption will be used: YES
B.
When Computer1 accesses Share1, SMB encryption will be used: NO
C.
When Computer2 accesses Share1, SMB encryption will be used: YES
D.
When Computer2 accesses Share1, SMB encryption will be used: NO
E.
When Server1 accesses a shared folder on Computer1, IPsec encryption will be used: YES
F.
When Server1 accesses a shared folder on Computer1, IPsec encryption will be used: NO
Explanation:
A and C are correct.
The shared folder “Share1” is configured with “EncryptData : True”, no matter which network the client resides,
SMB 3 communication will be encrypted.
When Server1 access Computer1 over network, the original packet L3 IP Header is as follow:-
172.16.1.30 –> 172.16.10.60
These traffic does not match the enabled IPSec rule “Rule2” nor “Rule3”, and the only matching rule “Rule1” is
disabled. So, no IPsec encryption will be achieved.
F is correct.
I think it’s A B E
Rule1 is valid for both computers;
172.16.1.30 is within the 172.16.1.0/24 scope added in “endpoint 2”
server 1 is within the 172.16.10.0/24 scope added in “endpoint 1”
the rules are not Source – Destination like so encryption is enforced at this point when communication is starting from either side.
1
1
do you mean A C E ? A+B is kinda impossible.
6
0