Pop Quiz

[Yamaneko]

That's why you're the tech guy and we're the people who pay you, eventually, for doing tech things.

Congrats. Anymore certs or was that your last one for now?

EDIT: Nevermind. Just read your LJ.

[Dr Unne]

My answer was better.

[Ichy]

I voted before reading the thread just to see if I could get it right without my choice being influenced by what others had posted... and I got it wrong :P

Was a good question to pop on us, though
*goes back to his books*

[Kirobaito]

I love guessing.

So now, Arche and Unne, bow down to me, your new computer genius-lord!

[Citizen Bleys]

I was hoping I'd be the only EoFF'er capable of getting certified on the 70-214, but I don't think Raf was guessing, even if KB was.

[Kirobaito]

Oh, like you ever thought that I knew that techno mumbo-jumbo.

And I guarantee you that Raf was guessing, too.

[Endless]

I'll tell you why I picked the one I picked. The key here is what we want to improve: You want to further increase the security for all <b>connections</b> to files on FILE3.

1) Modify the authentication method for the IPSec policy on FILE3 to require a certificate and install certificates on all client computers in the Research OU.

Then there's the risk of said certificate being put on other machine, with possibility for tampering and unwanted access.

2) Reconfigure the IPSec policy for FILE3 to use the Server (Request Security) IPSec policy.

I didn't see any improvement in security here. It seems to just move the issue from clients to server. The communications aren't more secure.

3) Configure the key exchange settings for the IPSec policy on FILE3 to use Master key Perfect Forward Secrecy (PFS).

I don't know the details on that one, but the idea to use secured key exchange seemed to improve security (less tampering possible), which we want.

4) Create a Group Policy object (GPO) that assigns the Secure Server (Require Security) to the Research OU.

I don't really know how that one works, but it doesn't improve the security of the communication.