Your network contains an Active Directory domain named contoso.com. The domain contains 500
servers that run Windows Server 2012 R2.
You have a written security policy that states the following:
Only required ports must be open on the servers.
All of the servers must have Windows Firewall enabled.
Client computers used by administrators must be allowed to access all of the ports on all of the
servers.
Client computers used by the administrators must be authenticated before the client computers can
access the servers.
You have a client computer named Computer1 that runs Windows 8.
You need to ensure that you can use Computer1 to access all of the ports on all of the servers
successfully. The solution must adhere to the security policy.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose
three.)

A.
On Computer1, create a connection security rule.

B.
On all of the servers, create an outbound rule and select the Allow the connection if it is secure
option.

C.
On all of the servers, create an inbound rule and select the Allow the connection if it is secure
option.

D.
On Computer1, create an inbound rule and select the Allow the connection if it is secure option.

E.
On Computer1, create an outbound rule and select the Allow the connection if it is secure option.

F.
On all of the servers, create a connection security rule.

Explanation:
Unlike firewall rules, which operate unilaterally, connection security rules require that both
communicating computers have a policy with connection security rules or another compatible IPsec
policy.
Traffic that matches a firewall rule that uses the Allow connection if it is secure setting bypasses
Windows Firewall. The rule can filter the traffic by IP address, port, or protocol. This method is
supported on Windows Vista or Windows Server 2008.
References:
http://technet.microsoft.com/en-us/library/cc772017.aspx
http://technet.microsoft.com/en-us/library/cc753463.aspx