3. You are the Network Administrator at MNC Infocom. Your company has three departments: Sales, Marketing, and Management. All the departments have their routers located in the department space. You need to set up dynamic routing on all the routers so that they can communicate with each other. In addition, you have to configure the Routing Information Protocol (RIP) routing protocol on all the routers for this purpose. How will you perform the preceding task?

To implement dynamic routing for the computer, you need to perform the following tasks:
Configure the dynamic routing protocol.
Configure RIP on R1.
Configure RIP on R2.
Configure RIP on R3.




Task 1: Configuring the Dynamic Routing Protocol To configure the dynamic routing protocol, you need to perform the following steps: 1. Press the Windows key. The Start screen is displayed. 2. Type GNS3. 3. Right-click the GNS3 tile, and then select the Run as administrator option. The User Account Control dialog box is displayed. 4. Click the Yes button. The GNS3 window with the New Project dialog box is displayed. r Note If the Tips page message box is displaye4 click the OK button If the Internet Explorer window is displayed, close the window. 5. Click the Cancel button. 6. Click the Browse Routers icon in the left pane. 7. Drag and drop Router 6700 to the workspace three times. 8. Close the Routers pane. 9. Press and hold the Shift key, and click the Add a link (N) icon in the left pane, and then select the Manual option. 10. Click the RI icon, and then select f0/0. 11. Click the R2 icon, and then select f0/0. /Qv LINote This connects RI and R2 with a wine 12. Click the R2 icon, and then select f0/1. 13. Click the R3 icon, and then select f0/0. iciri \f1\bullet  Note This connects R2 and R3 with a wire. 14. Click the Add a link (IN) icon in the left pane. 15. Click the Start/Resume all devices button on the toolbar. fat itdo' This initiates the three added routers. 16. Right-click the RI icon, and then select the Console option. The R1 console window is displayed. 17. Run the following commands in the RI console window to configure R1: a. Type enable, and then press the Enter keY. b. Type configure terminal, and then press the Enter key c. Type hostname Sales, and then press the Enter key. d. Type interface f0/0, and then press the Enter key. \par
e. Type ip address 192.168.1.1 255.255.255.0, and then press the Enter \par
f. Type no shutdown, and then press the Enter key. g. Type exit, and then press the Enter key 18. Click the Minimise button to minimise the R1 console window 19. Right-click the R2 icon, and select the Console option. The RI console window is displayed. 20. Run the following commands in the R2 console window to configure R2: a Type enable, and then press the Enter key. b. Type configure terminal, and then press the Enter key. c. Type hostname Marketing, and then press the Enter key. d. Type interface f0/0, and then press the Enter key. e. Type ip address 192.168.1.2 255.255.255.0, and then press the Enter key. f. Type no shutdown, and then press the Enter key. g. Type exit, and then press the Enter key It Type interface fon, and then press the Enter key i. Type ip address 101.100.99.98 255.255.255.0, and then press the Enter key. j. Type no shutdown, and then press the \par
Enter key. k Type exit, and then press the Enter key. 21. Click the Minimize button to minimise the R2 console window 22. Right-click the R3 icon, and then select the Console option. The R3 console window is displayed. 23. Run the following commands in the R3 console window to configure R3: a Type enable, and then press the Enter keY. It Type configure terminal, and then press the Enter key. c. Type hostname Management and then press the Enter key. d. Type interface f0/0, and then press the Enter key. e. Type ip address 101.100.99.97 255.255.255.0, and then press Enter. f Type no shutdown, and then press the Enter key. g. Type exit, and then press the Enter key. 24. Click the Minimize button to minimise the R3 console window 25. Click the computers icon on the taskbar, and then click the RI thumbnail to switch to the R1 console window. 26. Type do ping 101.100.99.97, and then press the Enter key. ,17 e_ Note The ping command does not work because RI only has the information of the networks connected to its interfaces. In case of RI, it is a 192.168.1.0/24 network on interface, ,JD/0. r17 Tip You need to co figure RI to understand the mutes to reach R3 automatically Thu should configure the a5momic routing protocol, RIP, to configure routing on all the routers. 27. Click the Minimize button to minimize the R1 console window. 28. Click the computers icon on the taskbar, and then click the R.3 thumbnail to switch to the R3 console window. 29. Type do ping 192.168.1.1, and press the Enter key. \par
ic79 _ "7 Note The ping command does not work here, because R3 do not have the route information of RI. 30. Click the Minimize button to minimize the R3 console window. 31. Click the computers icon on the taskbar, and then click the R2 thumbnail to switch to the R2 console window. 32. Type do ping 192.168.1.1, and then press the Enter key. 33. Type do ping 101.100.99.97, and then press the Enter key. \par
Tip R2 R2 have the information for both the routers \par
because it is in the middle and both the networks are connected to its interfaces. Routers by default have the information of the routes connected to their interfaces. You can ope the command on the routers to see from which routing Mformation the routers have to vend". the output before con figuring RIP. 34. Type do show ip mute, and then press the Enter key. zelLr Note This command shows you the route information the router currently has in its muting table. 35. Click the Minimize button to minimize the R2 console window. Task 2: Configuring RIP on R1 To configure RIP on R1, you need to perform the following steps: \par
1. Click the computers icon on the taskbar, and then click the RI thumbnail to switch to the RI console window 2. Run the following commands in the R1 console window to configure RIP: a. Type router rip, and then press the Enter key. b. Type version 2, and then press the Enter key. c. Type network 192.168.1.0, and then press the Enter key. d. Type exit, and then press the Enter key. 3. Click the Minimize button to minimize the RI console window. \par
Task 3: Configuring RIP on R2 To configure RIP on R2, you need to perform the following steps: 1. Click the computers icon on the taskbar, and then click the Rt thumbnail to switch to the R2 console window. 2. Run the following commands in the R2 console window to configure RIP: a. Type router rip, and then press the Enter key. b. Type version 2, and then press the Enter key. c. Type network 192.168.1.0, and then press the Enter key. d. Type network 101.100.99.0, and then press the Enter key. e. Type exit, and then press the Enter key. 3. Click the Minimize button to minimize the R2 console window. Task 4: Configuring RIP on R3 To configure RIP on R_3, you need to perform the following steps: 1. Click the computers icon on the taskbar, and then click the R3 thumbnail to switch to the R3 console window. 2. Run the following commands in the R3 console window to configure RIP: a. Type router rip, and then press the Enter key. b. Type version 2, and then press the Enter key. c. Type network 101.100.99.0, and then press the Enter key. d. Type exit, and then press the Enter key. e. Type do show ip route, and then press the Enter key. r4Note This displays that this muter have the route information ofRl. 3. Type do ping 192.168.1.1, and press the Enter key. Note You we able to successfully ping RI. 4. Click the Minimize button to minimize the R3 console window. 5. Click the computers icon on the taskbar, and then click the R1 thumbnail to switch to the R1 console window. 6. Type do show ip route, and then press the Enter key. rGrtiNote This shows that this router has the route information of R3. 7. Type do ping 101.100.99.97, and press the Enter \par
key. \par
8. Close all the open windows without saving any changes. 9. Shut down and revert the Image_Win8_CL1 virtual machine. \f0\par
}

2. You are the Network Administrator at XYZ Systems. You have to configure the command line interface on the company's router so that the router can be configured and managed remotely from your computer. You need to set up the same on the company's core router. How will you perform the preceding task?

To configure Telnet on a router, you need to perform the following tasks:
Configure Telnet.
Creating a Telnet session on the router.


Task 1: Configuring Telnet To configure Telnet, you need to perform the following steln: 1. Press the Windows key. The Start screen is displayed. 2. Type GNS3. 3. Right-click the GNS3 tile, and then select the Run as administrator option. The User Account Control dialog box is displayed. 4. Click the Yes button. The GNS3 window with the New Project dialog box is displayed. 2 AP, Note If the Tips page message box is displayed click the OK button If the Internet Explorer window is displayed, close the window 5. Click the Cancel button. 6. Click the Browse Routers icon in the left pane. . Drag and drop Router c3700 to the workplace pane two times. 8. Close the Routers pane. 9. Press and hold the Shift key, and click the Add a link (N) icon in the left pane, and then select the Manual option. 10. Click the R1 icon in the workplace pane, and then select f0/1. 11. Click the R2 icon in the workplace pane, and then select f0/1. 12. Click the Add a link (N) icon in the left pane. 13. Click the Start/Resume all devices button on the toolbar. Note After the routers start working, the red buttons beside the routers turn green 14. Right-click the R1 icon, and then select the Console option. The R1 console window is displayed. 15. Type enable, and then press the Enter key. !Gra \f1\emdash  Note This command enables the router. \par
16. Type configure terminal, and then press the Enter key. _ r Note This command corligures the router. 17. Type interface 10/1, and then press the Enter key. rri or Note This command is used to select the interface of the router 18. Type description internal network, and then press the Enter key. iC71Note Description command is used to give a small description of the Interface. 19. Type hostname LA-Router, and then press the Enter key.  v sf_ Note , This command is used to change the name of the router 20. Type interface f0/1, and then press the Enter key. 21. Type ip address 192.168.1.1 255.255.255.0, and then press the Enter key. Note This command is used to provide the IP address to the interface. 22. Type no shutdown, and then press the Enter key. \par
st r E  Note This command activates the interface. 23. Type exit, and then press the Enter key. 24. Type username admin password cisco, and then press the Enter key. ictri "'Note This command is used to provide the username and password for the telnet sessions. 25. Type line vty 0 4, and then press the Enter key. Note 1 N te The command is used to open a telnet session in router 26. Type login local, and then press the Enter key. 9 sr Note This command uses the login informationftom the local database of the router. LI. Type enable password cisco, and then press the Enter key. r Note This command is used to set up the password for the router 23. Type exit, and then press the Enter key. 29. Click the Minimize button to minimize the R1 console window. Task 2: Creating a Telnet Session on the Router To create a Telnet session on the router, you need to perform the following steps: 1. Right-click the R2 icon, and then select the Console option. The R2 console window is displayed. 2. Type enable, and then press the Enter key 3. Type configure terminal, and then press the Enter key. 4. Type interface f0/1, and then press the Enter key. 5. Type description internal network, and then press the Enter key. 6. Type hostname NY-Router, and then press the Enter key. 7. Type interface f0/1, and then press the Enter key. 8. Type ip address 192.168.1.2 255.255.255.0, and then press the Enter key. 9. Type no shutdown, and then press the Enter key. 10. Type exit, and then press the Enter key. 11. Type exit again, and then press the Enter key. 12. Type telnet 192.168.1.1 in the R2 console window, and then press the Enter key. 13. Type the usemame admin in the R2 console window, and then press the Enter key. 14. Type the password cisco in the R2 console window, and then press the Enter key. : \bullet  Note Telnet is opened from the R2 router. The RI router is being accessed from the R2 muter. Note that the console prompt in the R2 console window has changed from NY-Router# to LA-Router>. 15. Click the computers icon in the taskbar, and then click the R1 thumbnail to switch to the R1 console \f0\par

1. You are the Network Administrator at ABC-Solutions, which has its offices in Los Angeles. The company has set up two more offices in Texas and New York. You have been assigned the task to set up Frame Relay packet switching between all the offices so that users in these offices can communicate with each other. How will you perform the preceding task?

To configure packet switching in the three sites, you need to perform the following tasks:
Implement the Frame Relay packet switching technology.
Configure a Frame Relay connection between R1 and R2 and R1 and R3.
Configure a Frame Relay connection between R2 and R3.



Task 1: Implementing the Frame Relay Packet Switching Technology To implement the Frame Relay packet switching technology, you need to perform the following steps:
1. Ensure that the Start screen is displayed.
2. Type GNS3.
3. Right-click the GNS3 tile, and then select the Run as administrator option. The User Account Control dialog box is displayed.
4. Click the Yes button. The GNS3 window with the New Project dialog box is displayed.
5. Click the Cancel button.
6. Click the Browse Routers icon in the left pane.
7. Drag and drop Router c3700 to the center of the window three times and arrange them in a triangular sin
  • e, as shown in the following figure.
S 410 Router Placement
8. Close the Routers pane.
9. Click the Browse Switches icon in the left pane.
10. Drag and drop Frame Relay switch to the center of the window inside the triangular shape formed by routers, as shown in the following figure.
   a Frame Relay Switch Placement
11. Close the Switches pane.
12. Right-click FR1 in the workplace pane, and then select the Configure option.
13. Click FR1 in the left pane under Frame Relay switches.
14. Click the Add button in the FR1 node pane CoepIguration appears under the Mapping list
15. Change the existing value to 1 in the Port spin box in the Source section.
16. Click the Add button.
17. Click the Apply button.
18. Click the OK button.
19. Press and hold the Shift key, click the Add a link ail) icon in the left pane, and then select the Serial option. You will notice that a red cross mark appears beside the Add a link icon.
20. Click the R1 icon in the workplace pane.
21. Click the FRI ioon, and then select
22. Click the R2 icon.
23. Click the FR1 ioon and then select 10.
24. Click the R3 icon.
25. Click the FR1 icon, and then select 11.
26. Move the mouse pointer over the FR1 icon, and note down the Data Link Connection Identifier (DLCI) for all the ports.
  • Port 1: - Incoming dlci 101 is switched to port 10.
  • Port 10: - Incoming dlci 202 is switched to port 1.
  • Port 11: - Incoming dlci 203 is switched to port 1.
27. Click the Add a !laic (IN) icon in the left pane to remove the red cross mark.
28. Click the Start/Resume all devices button on the toolbar at the top.
29. Right-click the R1 icon, and then select the Console option in the workplace pane. The R1 console window is displayed.
30. Run the following commands in the R1 console window:
   a. Type enable, and then press the Enter
   b. Type configure terminal, and then press the Enter key.
   c. Type hostaame LA-Router, and then press the Enter key.
   d. Type interface serial 0/0, and then press the Enter key.
   e. Type ip address 101.100.99.98 255.255.255.0, and then press the Enter key.
   f. Type no shutdown, and then press the Enter key.
31. Click the Minimize button to minimize the R1 console window
32. Right-click the R2 icon, and then select the Console option in the workplace pane. The R2 console window is displayed.
33. Run the following commands in the R2 console window:
   a Type enable, and then press the Enter key.
   b. Type configure terminal, and then press the Enter key.
   c. Type hostname TX-Router, and then press the Enter key.
   d. Type interface serial 0/0, and then press the Enter key.
   e. Type ip address 101.100.99.97 255.255.255.0, and then press the Enter key.
   £ Type no shutdown, and then press the Enter key.
34. Click the Minimize button to iraMmin the R2 console window
35. Right-click the R3 icon, and then select the Console option in the workplace pane. The R3 console window is displayed.
36. Run the following commands in the R3 console window:
   a Type enable, and then press the Enter key-
   b. Type configure terminal, and then press the Enter key.
   c. Type hostname NY-Router, and then press the Enter key.
   d. Type interface serial 0/0, and then press the Enter key.
   e. Type ip address 101.100.99.96 255.255.255.0, and then press the Enter key.
   f. Type no shutdown, and then press the Enter key.
37. Click the Minimize button to minimize the R3 console window
38. Click the computers icon on the taskbar, and then click the R1 thumbnail to switch to the RI console window
39. Type do ping 101.100.99.96, and then press the Enter key. Note Even though all the sites on connected together physically, the Frame Relay is not set up and the ping command fails on the routers.
40. Type do ping 101.100.99.97, and then press the Enter key. fQ/ Note The ping command fails again because Frcrme Relay is not set up.
41. Click the Minimize button to minimize the R1 console window.
42. Click the computers icon on the taskbar, and then click the R2 thumbnail to switch to the R2 console window
43. Type do ping 101.100.99.98, and then press the Enter key. rre ti Note The ping command fails again because Frcrme Relay is not set up.
44. Click the Minimize button to minimize the R2 console window
45. Click the computers icon on the taskbar, and then click the R3 thumbnail to switch to the R3 console window.
46. Type do ping 101.100.99.98, and then press the Enter key.
47. Click the Minimize button to minimize the R3 console window.

Task 2: Configuring a Frame Relay Connection Between R1 and R2 and R1 and R3 To configure a Frame Relay connection between R1 and R2 and RI and R3, you need to perform the following steps:
1. Switch to the RI console window.
2. Type interface serial 0/0, and then press the Enter key
3. Type encapsulation frame-relay, and then press the Enter key.
4. Type frame-relay map ip 101.100.99.97 101 broadcast, and then press the Enter key.
5. Type frame-relay map ip 101.100.99.96 102 broadcast, and then press the Enter key.
6. Click the Minimize button to minimize the R1 console window
7. Switch to the R2 console window
8. Type interface serial 0/0, and then press the Enter key.
9. Type encapsulation frame-relay, and then press the Enter key.
10. Type frame-relay map ip 101.100.99.98 202 broadcast, and then press the Enter key.
11. Click the Minimize button in the R2 console window.
12. Switch to the R3 console window.
13. Type interface serial 0/0, and then press the Enter key.
14. Type encapsulation frame-relay, and then press the Enter key.
15. Type frame-relay map ip 101.100.99.98 203 broadcast, and then press the Enter key.
16. Click the Minimize button to nlitlinthe the R3 console window.
17. Switch to the R1 console window
18. Type do ping 101.100.99.97, and then press the Enter key.
19. Type do ping 101.100.99.96, and then press the Enter key.
20. Click the Minimize button to minimize the R1 console window.

Task 3: Configuring a Frame Relay Connection Between R2 and R3 To configure a Frame Relay connection between R2 and R3, you need to perform the following steps:
1. Switch to the R2 console window
2. Type do ping 101.100.99.96, and then press the Enter keys Note The ping command fails again because Frame Relay is not set up.
3. Type interface serial 0/0, and then press the Enter key.
4. Type frame-relay map ip 101.100.99.96 202 broadcast, and then press the Enter key.
5. Click the Minimize button to minimize the 142 console window
6. Switch to the R3 console window
7. Type do ping 101.100.99.97, and then press the Enter key.
8. Type interface serial 0/0, and then press the Enter key.
9. Type frame-relay map ip 101.100.99.97 203 broadcast, and then press the Enter key.
10. Type do ping 101.100.99.97, and then press the Enter keys Note The ping command is successful because the NY-router has connectivity to the 2X-router.
11. Click the Minimize button to minimize the R3 console window
12. Switch to the R2 console window
13. Type do ping 101.100.99.96, and then press the Enter key.
14. Close all the open windows without sating any changes. 

2. There are some roaming employees in your company who need to travel on official duties and connect to the company's network while out of office. Therefore, you need to configure a Routing and Remote Access Services (RRAS) server to support these remote users. How will you configure RRAS?

To implement the desired solution, you need to configure Windows RRAS as a dial-up server. To
configure Windows RRAS as a dial-up server, you need to perform the following tasks:
Install RRAS.
Configure the computer to act as a dial-up RRAS.
Install and verify the dial-up configuration.


Task 1: Installing RRAS To install RRAS, you need to perform the following steps in the Image_DC1 virtual machine:
1. Ensure that the Server Manager window is open and active.
2. Select Dashboard in the left pane.
3. Click the Add roles and features link in the right pane.
4. Click the Next button. The Select installation type page is displayed.
5. Click the Next button. The Select destination server page is displayed.
6. Click the Next button. The Select server roles page is displayed.
7. Select the Remote Access check box. The Add Roles and Features Wizard dialog box is displayed.
8. Click the Add Features button. The Select server roles page is displayed.
9. Click the Next button. The Select features page is displayed.
10. Click the Next button. The Remote Access page is displayed.
11. Click the Next button. The Select role services page is displayed.
12. Ensure that the DirectAccess and VPN (RAS) check box is selected.
13. Click the Next button. The Web Server Role (HS) page is displayed.
14. Click the Next button. The Select role services page is displayed.
15. Click the Next button. The Confirm installation selections page is displayed.
16. Select the Restart the destination server automatically if required check box.
17. Click the Yes button. The Confirm installation selections page is displayed.
18. Click the Install button. The Installation progress page is displayed.
19. Click the Close button.

Task 2: Configuring the Computer to Act as a Dial-up RRAS To configure the computer to act as a dial-up RRAS, you need to perform the following steps in the Image_DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the BIAGE_DC1 (local) node in the left pane.
4. Select Action-.Configure and Enable Routing and Remote Access from the menu bar.
5. Click the Next button. The Configuration page is displayed.
6. Ensure that the Remote access (dial-up or VPN) option is selected.
7. Click the Next button. The Remote Access page is displayed.
8. Select the VPN and Dial-up check boxes.
9. Click the Next button. The VPN Connection page is displayed.
10. Select the Local Area Connection option under the Name column.
11. Click the Next button. The IP Address Assignment page is displayed.
12. Ensure that the Automatically option is selected.
13. Click the Next button. The Managing Multiple Remote Access Servers page is displayed.
14. Click the Next button. The Completing the Routing and Remote Access Server Setup Wizard page is displayed.
15. Click the Finish button. The Routing and Remote Access message box is displayed.
16. Click the OK button.

Task 3: Installing and Verifying the Dial-up Configuration To install and verify the dial-up configuration in the Image_DC1 virtual machine, you need to perform the following steps:
1. Press the Windows key. The Start screen is displayed-
2. Click the Control Panel tile. The Control Panel window is displayed.
3. Click the System and Security link. The System and Security window is displayed.
4. Click the Device Manager link under the System section in the right pane. The Device Manager window is displayed.
5. Select the Image_DC1 node.
6. Select Action->Add legacy hardware.
7. Click the Next button. The The wizard can help you install other hardware page is displayed.
8. Select the Install the hardware that I manually select from a list (Advanced) option.
9. Click the Next button. The From the list below, select the type of hardware you are installing page is displayed.
10. Scroll down the Common hardware types list and select the Modems option.
11. Click the Next button. The Install New Modem page is displayed.
12. Select the Don't detect my modem; I will select it from a list check box.
13. Click the Next button. The Install New Modem page is displayed.
14. Scroll down the Models list and select the Standard 56000 bps Modem option.
15. Click the Next button. The Install New Modem page is displayed.
16. Ensure that the Selected ports option is selected.
17. Select the COM1 option under the Selected ports option.
18. Click the Next button.
19. Click the Finish button. The Device Manager window is displayed.
20. Close the Device Manager and System and Security windows.
21. Ensure that the Routing and Remote Access window is open and active.
22. Select the Ports node in the left pane.
23. Select Action—Properties.

1. Infogreen Corporations is a leading finance company in the U.S. with head office in Sunnyvale. The company has employees positioned at different locations worldwide, who frequently need to travel. Often, these employees need to connect to the network of the head office. Therefore, the management needs a solution that provides a secure remote connection to these employees. For this, Jim, the Server Administrator, has been assigned the task to formulate a network policy that provides an encrypted Virtual Private Network (VPN) connection to the head office for remote employees. In addition, he needs to create a VPN connection object on the employee computers for connecting to the head office network. How will Jim accomplish the assigned task?

To accomplish the given assignment, you need to perform the following tasks:
Configure RRAS as a VPN remote access solution.
Configure a new network policy for RRAS clients.
Configure logging.
Test logging levels.


Task 1: Configuring RRAS as a VPN Remote Access Solution To configure RRAS as a VPN remote access solution, you need to perform the following
1. Install the Network Policy and Access Services role in the Image_DC1 virtual machine.
2. Configure the Image DCL virtual machine as a VPN server with a static address pool for remote access clients.
3. Configure the available VPN ports on the RRAS server.

Task 1.1: Installing the Network Policy and Access Services Role in the Image DC1 Virtual MachineTo install the Network Policy and Access Services role in the Image_DC1 virtual machine, you need to perform the following steps:
1. Switch to the Image_DC1 virtual machine.
2. Ensure that the Server Manager window is open and active.
3. Click the Add roles and features link in the right pane.
4. Click the Next button. The Select installation type page is displayed.
5. Click the Next button. The Select destination server page is displayed.
6. Click the Next button. The Select server roles page is displayed.
7. Select the Network Policy and Access Services check box. The Add Roles and Features Wizard dialog box is displayed.
8. Click the Add Features button. The Select server roles page is displayed.
9. Click the Next button. The Select features page is displayed.
10. Click the Next button. The Network Policy and Access Services page is displayed.
11. Click the Next button. The Select role services page is displayed.
12. Ensure that the Network Policy Server check box is selected.
13. Click the Next button. The Confirm installation selections page is displayed.
14. Select the Restart the destination server automatically if required check box.
15. Click the Yes button. The Confirm installation selections page is displayed.
16. Click the Install button. The Installation progress page is displayed.
17. Click the Close button.

Task 1.2: Configuring the Image DC1 Virtual Machine as a IIPN Server with a Static Address Pool for Remote Access Clients
To configure the Image DC1 virtual machine as a VPN server with a static address pool for remote access clients, you need to perform the following steps:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the DIAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE_DC1 (local) node, and then select the Disable Routing and Remote Access option. The Routing and Remote Access dialog box is displayed.
5. Click the Yes button. The Stopping Routing and Remote Access message box is displayed and disappears automatirAtly after a few moments.
6. Right-click the 1MAGE_DC1 (local) node, and then select the Configure and Enable Routing and Remote Access option. The Welcome to the Routing and Remote Access Server Setup Wizard page is displayed.
7. Click the Next button. The Configuration page is displayed.
8. Click the Next button. The Remote Access page is displayed.
9. Select the VPN check box.
10. Click the Next button. The VPN Connection page is displayed.
11. Select the Local Area Connection option under the Name column in the Network interfaces list.
12. Click the Next button. The IP Address Assignment page is displayed.
13. Select the From a specified range of addresses option.
14. Click the Next button. The Address Range Assignment page is displayed.
15. Click the New button. The New IPv4 Address Range dialog box is displayed.
16. Type 172.16.0.20 and 172.16.0.30 in the Start IP address and End IP address text boxes, respectively.
17. Click the OK button. The Address Range Assignment page is displayed.
18. Click the Next button. The Managing Multiple Remote Access Servers page is displayed.
19. Click the Next button. The Completing the Routing and Remote Access Server Setup Wizard page is displayed.
20. Click the Finish button. The Routing and Remote Access dialog box is displayed.
21. Click the OK button. The Routing and Remote Access message box is displayed.
22. Click the OK button. After a few moments, the Routing and Remote Access window is displayed.

Task 1.3: Configuring the Available VPN Ports on the RRAS Server
To configure the available VP/C ports on the RRAS server, you need to perform the following steps in the Image_DC1 virtual machine:
1. Ensure that the BLAGE DC1 (local) node is expanded in the left pane.
2. Select the Ports node in the left pane.
3. Right-click the Ports node in the left pane, and then select the Properties option.
4. Double-click the WAN Miniport (SSTP) option under the Name column.
5. Select and replace the existing value with 0 in the Maximum ports spin box.
6. Click the OK button. The Routing and Remote Access dialog box is displayed.
7. Click the Yes button. The Ports Properties dialog box is displayed.
8. Double-click the WAN Miniport (PPTP) option under the Name column.
9. Select and replace the existing value with 25 in the Maximum ports spin box.
10. Click the OK button. The Routing and Remote Access dialog box is displayed.
11. Click the Yes button. The Ports Properties dialog box is displayed.
12. Double-click the WAN Miniport (L2TP) option under the Name column.
13. Select and replace the existing value with 25 in the Maximum ports spin box.
14. Click the OK button. The Routing and Remote Access dialog box is displayed.
15. Click the Yes button. The Ports Properties dialog box is displayed.
16. Click the OK button. The Routing and Remote Access window is displayed.
17. Close the Routing and Remote Access window

Task 2: Configuring a New Network Policy for RRAS Clients To configure a new network policy for RRAS clients, you need to perform the following steps in the Image DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Network Policy Server tile. The Network Policy Server window is displayed.
3. Expand the Policies node in the left pane.
4. Select the Network Policies node in the left pane.
5. Right-click the Network Policies node in the left pane, and then select the New option.
6. Type Secure LPN in the Policy name text box.
7. Select the Remote Access Server(VPN-Dial up) option from the Type of network access server drop-down list.
8. Click the Next button. The Specify Conditions page is displayed.
9. Click the Add button. The Select condition dialog box is displayed.
10. Scroll down the Select a condition, and then click Add list to locate the Connection Properties section.
11. Scroll down and double-click the Tunnel Type option under the Connection Properties section. The Tunnel Type dialog box is displayed.
12. Select the Layer Two Tunneling Protocol (L2TP) and Point-to-Point Tunneling Protocol (PPTP) check boxes under the Common dial-up and %TN tunnel types section.
13. Click the OK button. The Specify Conditions page is displayed.
14. Click the Next button. The Specify- Access Permission page is displayed.
15. Click the Next button. The Configure Authentication Methods page is displayed.
16. Clear the Microsoft Encrypted Authentication (MS-CHAP) check box.
17. Click the Next button. The Configure Constraints page is displayed.
18. Select the Day and time restrictions icon in the left pane under the Constraints section.
19. Select the Allow access only on these days and at these times check box in the right pane.
20. Click the Edit button. The Day and time restrictions dialog box is displayed.
21. Select the Denied option.
22. Select 12:00 PM to 6:00 PM time range from Monday to Friday.
23. Select the Permitted option.
24. Click the OK button. The Configure Constraints page is displayed.
25. Click the Next button. The Configure Settings page is displayed.
26. Select the Encryption icon under the Settings section in the left pane.
27. Clear all the check boxes except the Strongest encryption (MPPE 128-bit) check box in the right pane.
28. Click the Next button. The Completing New Network Policy page is displayed.
29. Click the Finish button. The Network Policy Server window is displayed.
30. Ensure that the Secure VPN policy is displayed under the Policy Name column in the right pane.
31. Close the Network Policy Server window.

Task 3: Configuring Logging To configure logging, you need to perform the following steps in in the Image_DC1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Routing and Remote Access tile. The Routing and Remote Access window is displayed.
3. Select the IMAGE_DC1 (local) node in the left pane.
4. Right-click the IMAGE DC1 (local) node, and then select the Properties option.
5. Click the Logging tab.
6. Select the Log all events option.
7. Click the OK button.
8. Close the Routing and Remote Access window

Task 4: Testing Logging Levels To test the logging levels, you need to perform the following steps in the Image Win8_CL1 virtual machine:
1. Switch to the Image_WinS_CL1 virtual machine.
2. Ensure that the Start screen is displayed.
3. Type Control Panel.
4. Press the Enter key. The Control Panel window is displayed.
5. Click the Network and Internet link. The Network and Internet window is displayed.
6. Click the Network and Sharing Center link in the right pane. The Network and Sharing Center window is displayed.
7. Click the Set up a new connection or network link under the Change your networking settings section. The Choose a connection option page of the Set Up a Connection or Network wizard is displayed.
8. Select the Connect to a workplace link.
9. Click the Next button.
10. Select Use my Internet connection (VPN).
11. Select I'll set up an Internet connection later.
12. Type 172.16.0.10 in the Internet address text box.
13. Ensure that the Remember my credentials check box is selected.
14. Click the Create button. The Networks pane is displayed.
15. Right-click Infogreen VPN in the Networks pane, and click View connection properties.
16. Click the Security tab.
17. Select the Allow these protocols option.
18. Ensure that the Microsoft CHAP Version 2 (MS-CHAP v2) check box is selected.
19. Click the OK button.
20. Click the Network icon (E) in the taskbar to open the Networks pane.
21. Select Infogreen %TN, and then click the Connect button. The Network Authentication pane is displayed.
22. Type Infogreen \ Administrator and PaSSwOrd in the User name and Password text boxes, respectively.
23. Click the OK button to connect with the VPN connection.

2. You are the System Administrator at AmpleInfo Corporations. The company's security policy states that only client computers that meet the security requirements of the network should be able to connect to the network. Now, you have been given a task to ensure security for the connections and establish a way to bring non compliant client computers into compliance automatically. You analyze the scenario and want to implement the Dynamic Host Configuration Protocol (DHCP) Network Access Protection (NAP) enforcement. How will you configure NAP and DHCP to accomplish the preceding task?

To accomplish the assigned task, you need to perform the following tasks:
Install the DHCP and Network Policy Server (NPS) server roles.
Configure the Image_SVR1 virtual machine as a NAP health policy server.
Configure the DHCP service for NAP enforcement.
Configure the Image_Win8_CL1 virtual machine as the DHCP and NAP client.
Test the NAP enforcement.




Task 1: Installing the DHCP and NPS Server Roles To install the DHCP and NPS server roles,page is displayed.you need to perform the following steps in the Image_SYR1 virtual machine:
1. Switch to the Image_SVR1 virtual machine.
2. Ensure that the Server Manager window is open and active.
3 Click the Add roles and features link in the right pane.
4. Click the Next button. The Select installation type page is displayed.
5. Click the Next button. The Select destination server page is displayed.
6. Click the Next button. The Select server roles.
7. Select the DHCP Server check box in the Roles list box_ The Add Roles and Features Wizard dialog box is displayed.
8. Click the Add Features button. The Select server roles page is displayed.
9. Select the Network Policy and Access Services check box. The Add Roles and Features Wizard dialog box is displayed.
10. Click the Add Features button. The Select server roles page is displayed.
11. Click the Next button. The Select features page is displayed.
12. Click the Next button. The DHCP Server page is displayed.
13. Click the Next button. The Network Policy and Access Services page is displayed.
14. Click the Next button. The Select role services page is displayed.
15. Ensure that the Network Policy Server check box is selected in the right pane.
16. Click the Next button. The Confirm installation selections page is displayed.
17. Select the Restart the destination server automatically if required check box. The Add Roles and Features Wizard dialog box is displayed.
18. Click the Yes button. The Confirm installation selections page is displayed.
19. Click the Install button. The Installation progress page is displayed. After a few minutes, the Configuration required message is displayed in the right pane.
20. Click the Complete DHCP configuration link. The Description page of DHCP Post-Install configuration wizard is displayed.
21. Click the Next button. The Authorization page is displayed.
22. Click the Commit button. The Summary page is displayed.
23. Click the Close button. The Installation progress page is displayed.
24. Click the Close button. The Server Manager window is displayed.
25. Select DHCP in the left pane.
26. Right-click the 1MAGE_SVR1 server under the Server Name column in the right pane, and then select the DHCP Manager option. The DHCP window is displayed.
27. Maximize the DHCP window.
28. Expand the Image_SVR1Adatum.com-.IPv4 nodes in the left pane.
29. Right-click the IPv4 node in the left pane, and then select the New Scope option. The Welcome to the New Scope Wizard page of New Scope Wizard is displayed.
30. Click the Next button. The Scope Name page is displayed.
31. Type N.-11:' Scope in the Name text box.
32. Click the Next button. The IP Address Range page is displayed.
33. Type 172.16.0.25 in the Start IP address text box.
34. Type 172.16.0.254 in the End IP address text box.
35. Click the Next button. The Add Exclusions and Delay page is displayed.
36. Click the Next button. The Lease Duration page is displayed.
37. Click the Next button. The Configure DHCP Options page is displayed.
38. Select the No, I will configure these options later option.
39. Click the Next button. The Completing the New Scope Wizard page is displayed.
40. Click the Finish button.
41. Select the Scope node in the left pane.
42. Right-click the Scope node in the left pane, and then select the Activate option.
43. Select the Server Options node in the left pane.
44. Right-click the Server Options node in left pane, and then select the Configure Options option. The Server Options dialog box is displayed.
45. Scroll down and select the 006 DNS Servers check box under the Available Options column.
46. Type 172.16.0.10 in the IP address text box.
47. Click the Add button. The DNS Validation message box is displayed for a few moments. After this, the address is added to the list box below the IP address text box.
48. Scroll down and select the 015 DNS Domain Name check box under the Available Options column.
49. Type Adatam.com in the String value text box.
50. Click the OK button.
51. Close the DHCP window.
52. Press the Windows+I keys. The Settings pane is displayed.
53. Select Power-tRestart.
54. Click the Continue button. After a few moments, the Press Ctrl+Alt+Delete to sign in screen is displayed.
55. Press the Ctrl+Alt+End keys.
56. Type PaSSwOrd in the Password text box.
57. Press the Enter key. After a few moments, the Server Manager window is displayed.

Task 2: Configuring the Image_SVR1 Virtual Machine as a NAP Health Policy Server To configure the Image_SVR1 virtual machine as a NAP health policy server, you need to perform the following tasks:
1. Configure Security Health Validator (SHV).
2. Configure remediation server groups.
3. Configure health policies.
4. Configure a network policy for compliant clients.
5. Configure a network policy for non compliant clients.

Task 2.1: Configuring SHV
To configure SHV, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Press the Windows key. The Stan screen is displayed.
2. Click the Network Policy Server tile. The Network Policy Server window is displayed.
3. Expand the Network Access Protection->System Health Validators->Windows Security Health Validator nodes in the left pane.
4. Select the Settings node.
5. Right-click the Default Configuration option under the Name column in the right pane, and then select the Properties option. The Windows Security Health Validator dialog box is displayed.
6. Ensure that the Windows 8/Windows 7/Windows Vista option is selected in the left pane.
7. Clear all the check boxes except the A firewall is enabled for all network connections check box in the right pane. For this, you can perform the following steps:
   a. Clear the Antivirus is up to date check box.
   b. Clear the An antivirus application is on check box.
   c. Clear the Antispyware is up to date check box.
   d. Clear the An antispnvare application is on check box.
   e. Clear the Automatic updating is enabled check box.
8. Click the OK button. The Network Policy Server window is displayed.

Task 2.2: Configuring Remediation Server Groups
To configure remediation server groups, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Right-click the Remediation Server Groups node in the left pane, and then select the New option.
2. Type the Groupl in the Group Name text box.
3. Click the Add button. The Add New Server dialog box is displayed.
4. Type 172.16.0.10 in the IP address or DNS name text box.
5. Click the OK button_ The New Remediation Server Group dialog box is displayed.
6. Click the OK button_ The Network Policy Server window is displayed.

Task 2.3: Configuring Health Policies
To configure health policies, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Expand the Policies node in the left pane.
2. Select the Health Policies node in the left pane.
3. Right-click the Health Policies node in the left pane, and then select the New option.
4. Type Compliant in the Policy name text box.
5. Ensure that the Client passes all SHV checks option is selected in the Client SHV checks drop-down list.
6. Select the Windows Security Health Validator check box under the SEM used in this health policy section.
7. Click the OK button. The Network Policy Server window is displayed.
8. Right-click the Health Policies node in the left pane, and then select the New option.
9. Type Non Compliant in the Policy name text box.
10. Select the Client fails one or more SHV checks option from the Client SHV checks drop-down list.
11. Select the Windows Security Health Validator check box under the SHVs used in this health policy section.
12. Click the OK button. The Network Policy Server window is displayed.

Task 2.4: Configuring a Network Policy for Compliant Clients
To configure a network policy for compliant clients, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Select the Network Policies node under the Policies node in the left pane.
2. Right-click the Connections to Microsoft Routing and Remote Access server option under the Policy Name column in the right pane, and then select the Disable option.
3. Right-click the Connections to other access servers option under the Policy Name column in the right pane, and then select the Disable option.
4. Right-click the Network Policies node in the left pane, and then select the New option. The Specify Network Policy Name and Connection Type page of the New Network Policy wizard is displayed.
5. Type Compliant-Full-Access in the Policy name text box.
6. Click the Next button. The Specify Conditions page is displayed.
7. Click the Add button. The Select condition dialog box is displayed.
8. Scroll down the Select a condition, and then click Add list to locate the Network Access Protection section.
9. Double-click the Health Policies icon. The Health Policies dialog box is displayed.
10. Select the Compliant option under the Health policies drop-down list.
11. Click the OK button. The Specify Conditions page is displayed.
12. Ensure that the Health Policy option is displayed under the Condition column displaying the Compliant text under the Value column.
13. Click the Next button. The Specify Access Permission page is displayed.
14. Ensure that the Access granted option is selected.
15. Click the Next button. The Configure Authentication Methods page is displayed.
16. Clear all the check boxes.
17. Select the Perform machine health check only check box.
18. Click the Next button. The Configure Constraints page is displayed.
19. Click the Next button. The Configure Settings page is displayed.
20. Select the NAP Enforcement option under the Network Access Protection section in the left pane.
21. Ensure that the Allow full network access option is selected in the right pane.
22. Scroll down and clear the Enable auto-remediation of client computers check box.
23. Click the Next button. The Completing New Network Policy page is displayed.
24. Click the Finish button. The Network Policy Server window is displayed.

Task 2.5: Configuring a Network Policy for Non Compliant Clients
To configure a network policy for non compliant clients, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Right-click the Network Policies node in the left pane, and then select the New option. The Specify Network Policy Name and Connection Type page of the New Network Policy wizard is displayed.
2. Type Non Compliant-Restricted in the Policy name text box.
3. Click the Next button. The Specify Conditions page is displayed.
4. Click the Add button. The Select condition dialog box is displayed.
5. Scroll down the Select a condition, and then click Add list to locate the Network Access Protection section.
6. Double-click the Health Policies icon. The Health Policies dialog box is displayed.
7. Select the Non Compliant option in the Health policies drop-down list.
8. Click the OK button. The Specify Conditions page is displayed.
9. Ensure that the Health Policy option is displayed under the Condition column displaying the Non Compliant text under the Value column.
10. Click the Next button. The Specify Access Permission page is displayed.
11. Ensure that the Access denied option is selected.
12. Click the Next button. The Configure Authentication Methods page is displayed.
13. Clear all the check boxes.
14. Select the Perform machine health check only check box.
15. Click the Next button. The Configure Constraints page is displayed.
16. Click the Next button. The Configure Settings page is displayed.
17. Select the NAP Enforcement option under the Network Access Protection section in the left pane.
18. Select the Allow limited access option.
19. Scroll down and clear the Enable auto-remediation of client computers check box.
20. Click the Next button. The Completing New Network Policy page is displayed.
21. Click the Finish button. The Network Policy Server window is displayed.
22. Close the Network Policy Server window.

Task 3: Configuring the DHCP Service for NAP Enforcement To configure the DHCP service for NAP enforcement, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Ensure that the Server Manager window is open and active.
2. Ensure that DHCP is selected in the left pane.
3. Right-click the 1MAGE_SVR1 option under the Server Name column in the right pane, and then select the DHCP Manager option.
4. Expand the Image_SVR1Adatam.com-APv4 nodes in the left pane.
5. Select the Scope [172.16.0.0] NAP Scope node in the left pane.
6. Right-click the Scope [172.16.0.0] NAP Scope node in the left pane, and then select the Properties option.
7. Click the Network Access Protection tab.
8. Select the Enable for this scope option under the Network Access Protection Settings section.
9. Ensure that the lise default Network Access Protection profile option is selected.
10. Click the OK button. The DHCP window is displayed.
11. Ensure that the Scope [172.16.0.0] NAP Scope node is expanded in the left pane.
12. Select the Scope Options node in the left pane.
13. Right-click the Scope Options node in the left pane, and then select the Configure Options option.
14. Click the Advanced tab.
15. Ensure that the DHCP Standard Options option is selected in the Vendor class drop-down list.
16. Select the 003 Router check box under the Available Options column.
17. Type 172.16.0.10 in IP address text box.
18. Click the Add button.
19. Scroll down and select the 015 DNS Domain Name option under the Available Options column.
20. Ensure that the adatum.com text is displayed in the String value text box.
21. Click the OK button. The DHCP window is displayed.
22. Close the DHCP window.

Task 4: Configuring the Image_VVin8_CL1 Virtual Machine as the DHCP and NAP Client To configure the Image_Win8_CL1 virtual machine as the DHCP and NAP client,
you need to perform the following tasks-
1. Enable security center.
2. Enable the DHCP enforcement client.
3. Enable and start the NAP agent service.
4. Configure the Image Nirin8_CL1virtual machine for the DHCP address assignment.

Task 4.1: Enabling Security Center
To enable security center, you need to perform the following steps in the Image_Win8_CL1 virtual machine:
1. Ensure that the Image_Win8_CL1 virtual machine is running and active and you are logged on with Adatum\Administrator as the usemame and PaSSwOrd as the password.
2. Ensure that the Start screen is displayed.
3. Type Control Panel.
4. Press the Enter key. The Control Panel window is displayed.
5. Click the Network and Internet link. The Network and Internet window is displayed.
6. Click the Network and Sharing Center link in right pane. The Network and Sharing Center window is displayed.
7. Click the Windows Firewall link under the See also section in the left pane.
8. Click the Turn Windows Firewall on or off link in the left pane.
9. Select the Turn off Windows Firewall (not recommended) option under the Domain network settings, Private network settings, and Public network settings sections.
10. Click the OK button.
11. Close the Windows Firewall window.
12. Press the Windows key. The Start screen is displayed.
13. Type mmc.
14. Press the Enter key. The Consolel - [Console Root] window is displayed.
15. Select File->Add/Remove Snap-in. The Add or Remove Snap-ins dialog box is displayed.
16. Select the Group Policy Object Editor option under the Available Snap-ins column in the left pane.
17. Click the Add button. The Welcome to the Group Policy Wizard page is displayed.
18. Click the Finish button. The Add or Remove Snap-ins dialog box is displayed.
19. Click the OK button. The Consolel - [Console Root] window is displayed.
20. Expand the Local Computer Policy->Computer Configuration-'Administrative Templates-ANindows Components nodes in the left pane.
21. Select the Security Center node in the left pane.
22. Double-click Turn on Security Center (Domain PCs only) under the Setting column in the middle pane. After a few moments, the Turn on Security Center (Domain PCs only) window is displayed.
23. Select the Enabled option.
24. Click the OK button. The Consolel-[Console Root] window is displayed.
25. Close the Consolel-[Console Root] window. The Microsoft Management Console dialog box is displayed.
26. Click the No button to close the window without saving the settings.

Task 4.2: Enabling the DHCP Enforcement Client
To enable the DHCP enforcement client, you need to perform the following steps in the Image_Win8_CL1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Type napckfg.msc.
3. Press the Enter key. The NAP Client Configuration window is displayed.
4. Select the Enforcement Clients node in the left pane.
5. Right-click the DHCP Quarantine Enforcement Client option under the Name column in the right pane, and then select the Enable option.
6. Close the NAP Client Configuration window.

Task 4.3: Enabling and Starting the NAP Agent Service
To enable and start the NAP agent service, you need to perform the following steps in the Image_Win8_CLI virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Type services.msc.
3. Press the Enter key. The Services window is displayed-
4. Scroll down and double-click the Network Access Protection Agent service under the Name column in the right pane. The Network Access Protection Agent Properties (Local Computer) dialog box is displayed.
5. Select the Automatic option in the Startup type drop-down list.
6. Click the Start button to start the service.
7. Click the OK button. The Services window is displayed.
8. Close the Services window.

Task 4.4: Configuring the Image_Wm8_CL1 Virtual Machine for the DHCP Address Assignment
To configure the Image_Win8_CLI virtual machine for the DHCP address assignment, you need to perform the following steps in the Image_WinS_CL1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Type Control Panel.
3. Click the Control Panel tile. The Control Panel window is displayed.
4. Click the Network and Internet link. The Network and Internet window is displayed.
5. Click the Network and Sharing Center link in the right pane. The Network and Sharing Center window is displayed.
6. Click the Local Area Connection link under the View your active networks section. The Local Area Connection Status dialog box is displayed.
7. Click the Properties button. The Local Area Connection Properties dialog box is displayed.
8. Clear the Internet Protocol Version 6 (TCP/ IPv6) check box in the This connection uses the following items list box.
9. Select the Internet Protocol Version 4 (TCP/ IPv4) option in the This connection uses the following items list box.
10. Click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box is displayed.
11. Select the Obtain an IP address automatically and Obtain DNS server address automatically options.
12. Click the OK button.
13. Click the Close button and wait for a few moments while configurations are done on the virtual machine.
14. Click the Close button.
15. Close the Network and Sharing Center window
16. Press the Windows-I keys. The Settings pane is displayed.
17. Select Power-*Restart. After a few moments, the lock screen is displayed.
18. Press the Enter key. The log in screen is displayed.
19. Type PaSSwOrd in the Password text box.
20. Press the Enter key. The Start screen is displayed.

Task 5: Testing the NAP Enforcement To test the NAP enforcement, you need to perform the following wits-
1. Verify the DHCP assigned address and the current quarantine state.
2. Configure the network policy to grant restricted access.
3. Configure the network policy to remediate the non compliant computers.

Task 5.1: Verifying the DHCP Assigned Address and the Current Quarantine State
To verify the DHCP assigned address and the current quarantine state, you need to perform the following steps in the Image Win8_CL1 virtual machine:
1. Ensure that the Start screen is displayed.
2. Type Command Prompt.
3. Press the Enter key. The Administrator: Command Prompt window is displayed.
4. Type ipconfig /release, and then press the Enter key.
5. Type ipconfig /renew, and then press the Enter key.
6. Wait for some time and notice that the client machine is unable to obtain an IP address from the DHCP server. After a few moments, unable to contact your DHCP server message is displayed.
7. Press the Windows key. The Start screen is displayed.
8. Type Control Panel.
9. Press the Enter key. The Control Panel window is displayed.
10. Click the System and Security link The System and Security window is displayed.
11. Click the Windows Firewall link in right pane. The Windows Firewall window is displayed.
12. Click the Turn Windows Firewall on or off link in the left pane.
13. Select the Turn on Windows Firewall option under the Domain network settings, Private network settings, and Public network settings sections.
14. Click the OK button.
15. Switch to the Administrator: Command Prompt window
16. Type ipconfig /renew, and then press the Enter key.
17. Type ipconfig/all, and then press the Enter key.
18. Scroll up and observe that adatum.com is displayed against Connection-specific DNS Suffix under the Ethernet adapter Local Area Connection section and Not Restricted is displayed against System Quarantine State under the Windows IP Configuration section.
19. Switch to the Windows Firewall window.
20. Click the Turn Windows Firewall on or off link in the left pane.
21. Select the Turn off Windows Firewall (not recommended) option under the Domain network settings, Private network settings, and Public network settings sections.
22. Click the OK button.

Task 5.2: Configuring the Network Policy to Grant Restricted Access
To configure the network policy to grant restricted access, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Switch to the Image_SVR1 virtual machine.
2. Press the Windows key. The Start screen is displayed.
3. Click the Network Policy Server tile. The Network Policy Server window is displayed.
4. Expand the Policies node in the left pane.
5. Select the Network Policies node in the left pane.
6. Right-click the Non Compliant-Restricted option under the Policy Name column in the right pane, and then select the Properties option.
7. Select the Grant access.
8. Click the OK button. The Network Policy Server window is displayed.
9. Switch to the Image_Winti_CL1 virtual machine.
10. Switch to the Administrator: Command Prompt window.
11. Type ipconfig /release, and then press the Enter ke3'.
12. Type ipconfig /renew, and then press the Enter key.
13. Type ipconfig /all, and then press the Enter key.
14. Scroll up and observe that adatum.com is displayed against Connection-specific DNS Suffix under the Ethernet adapter Local Area Connection section and Restricted is displayed against System Quarantine State under the Windows IP Configuration section.

Task 5.3: Configuring the Network Policy to %mediate the Non Compliant Computers
To configure the network policy to renaediate the non compliant computers, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Switch to the Image_SVR1 virtual machine.
2. Ensure that the Network Policy Server window is open and active.
3. Ensure that the Policies node is expanded in the left pane.
4. Right-click the Non Compliant-Restricted option under the Policy Name column in the right pane, and then select the Properties option.
5. Click the Settings tab.
6. Select NAP Enforcement under the Network Access Protection section in the left pane.
7. Select the Enable auto-remediation of client computers check box under the Auto remediation section.
8. Click the OK button. The Network Policy Server window is displayed.
9. Switch to the Image_Win8_CL1 virtual machine.
10. Ensure that the Administrator: Command Prompt window is open and active.
11. Type ipconfig /release, and then press the Enter key to release the current IP address.
12. Type ipconfig /renew, and then press the Enter key to renew the current IP address.
13. Type ipconfig /all, and then press the Enter key.
14. Scroll up and observe that adatum.com is displayed.

1. AmpleInfo Corporations is a leading finance company in the U.S. with its head office in Sunnyvale. The company's network uses Domain Name Server (DNS) service for name resolution. In addition, the head office network has heterogeneous client environment where it has desktops configured with the Windows legacy OS and critical Line-of-Business (LOB) applications. These applications use the NetBIOS names for TCP/IP for network-based communication. Therefore, Jim, the Server Administrator, initially wants to install and configure Windows Internet Name Service (WINS) in the head office network to resolve the NetBIOS names of resources. What should he do to accomplish the preceding task?

To accomplish the assigned task, you need to perform the following tasks:
Install the WINS feature.
Configure the WINS burst handling.
Configure the WINS replication.



Task 1: Installing the WINS Feature To install the WINS feature, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Ensure that the Server Manager window is open and active.
2. Click the Add roles and features link in the right pane. The Before you begin page of Add Roles and Features Wizard is displayed.
3. Click the Next button. The Select installation type page is displayed.
4. Click the Next button. The Select destination server page is displayed.
5. Click the Next button. The Select server roles page is displayed.
6. Click the Next button. The Select features page is displayed.
7. Scroll down and select the WENS Server check box.
8. Click the Add Features button. The Select features page is displayed.
9. Click the Next button. The Confirm installation selections page is displayed.
10. Select the Restart the destination server automatically if required check box.
11. Click the Yes button. The Confirm installation selections page is displayed.
12. Click the Install button. The Installation progress page is displayed.
13. Click the Close button. The Server Manager window is displayed.

Task 2: Configuring the WINS Burst Handling To configure the WS burst handling, you need to perform the following steps in the Image_SVR1 virtual machine:
1. Press the Windows key. The Start screen is displayed.
2. Click the Administrative Tools tile. The Administrative Tools window is displayed.
3. Double-click the WINS shortcut under the Name column in the right pane. The WINS window is displayed.
4. Maximize the WINS window
5. Select the LMAGE_SVR1 [172 16 0.11] node in the left pane.
6. Right-click the IMAGE_SVR1 [172.16.0.11] node in the left pane, and then select the Properties option.
7. Click the Advanced tab.
8. Ensure that the Enable bunt handling check box is selected.
9. Select the Low option.
10. Click the OK button. The WINS window is displayed.
11. Right-click the Active Registrations node in the left pane, and then select the New Static Mapping option.
12. Type SALES in the Computer name text box.
13. Ensure that the Unique option is selected in the Type drop-down list.
14. Type 172.16.0.10 in the IF' address text box.
15. Click the OK button. The WINS window is displayed-
16. Right-click the Active Registrations node in the left pane, and then select the Display Records option.
17. Click the Find Now button. The WINS window is displayed.
18. Select the Active Registrations node in the left pane to display the active registration in the right pane.
19. Right-click the LMAGE_SVR1 [172.16.0.11]
20. Click the Intervals tab.
21. Select 7 from the Extinction timeout spin box under the Days column.
22. Click the OK button.
23. Switch to the Image_DC1 virtual machine.
24. Press the Windows key. The Start screen is displayed.
25. Click the Control Panel tile. The Control Panel window is displayed.
26. Click the Network and Internet link. The Network and Internet window is displayed.
27. Click the Network and Sharing Center link in the right pane. The Network and Sharing Center window is displayed.
28. Click the Local Area Connection link under the View your active networks section in the right pane.
29. Click the Properties button. The Local Area Connection Properties dialog box is displayed.
30. Select the Internet Protocol Version 4 (TCP/ IPv4) option under the This connection uses the following items list.
31. Click the Properties button. The Internet Protocol Version 4 (TCP/IPv4) Properties dialog box is displayed.
32. Click the Advanced button. The Advanced TCP/ IP Settings dialog box is displayed.
33. Click the WENS tab.
34. Click the Add button. The TCP/IP WENS Server dialog box is displayed.
35. Type 172.16.0.11 in the WINS server text box.
36. Click the Add button.
37. Click the OK button twice.
38. Click the Close button twice.
39. Close the Network and Sharing Center window
40. Open the Command Prompt window.
41. Type ping sales, and then press the Enter key to execute the command.
42. Close the Command Prompt window.

Task 3: Configuring the WINS Replication To configure the WINS replication, you need to perform the following steps in the Image_DC1 virtual machine:
1. Switch to the Image DC1 virtual machine.
2. Press the Windows key. The Start screen is displayed.
3. Type WINS.
4. Press the Enter key. The WENS  window is displayed.
5. Maximize the WINS window.
6. Select the L‘LAGE DC1 [172.16.0.10] node in the left pane.
7. Right-click the Replication Partners node in the left pane, and then select the New Replication Partner option.
8. Type 172.16.0.11 in the WINS server text box, which is the IP address of the Image_SVR1 virtual machine.
9. Click the OK button. After a few moments, the WINS window is displayed.
10. Select the Replication Partners node in the left pane.
11. Switch to the Image_SVR1 virtual machine.
12. Right-click the Replication Partners node in the left pane, and then select the New Replication Partner option. The New Replication Partner dialog box is displayed.
13. Type 172.16.0.10 in the WO'S server text box, which is the IP address of the Image_DC1 virtual machine.
14. Click the OK button. After a few moments, the WECS window is displayed.
15. Select the Replication Partners node in the left pane.
16. Right-click the Replication Partners node in the left pane, and then select the Replicate Now