ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-413 All Questions

View all questions & answers for the 70-413 exam
Go to Exam

Exam 70-413 topic 1 question 163 discussion

Actual exam question from Microsoft's 70-413
Question #: 163
Topic #: 1
[All 70-413 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an Active Directory domain named contoso.com. The domain contains multiple sites.
You plan to deploy DirectAccess.
The network security policy states that when client computers connect to the corporate network from the Internet, all of the traffic destined for the Internet must be routed through the corporate network.
You need to recommend a solution for the planned DirectAccess deployment that meets the security policy requirement
Solution: You set the ISATAP State to state enabled.
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
With NAT64 and DNS64, the DirectAccess server now has the ability to take those IPv6 packets and spin them down into IPv4 packets, so you can simply leave your internal network all IPv4. So back in the beginning it was standard practice to enable ISATAP globally. Today, because of the known issues, it is recommended not to use ISATAP at all, unless you have a specific reason for needing it
Note: ISATAP defines a method for generating a link-localIPv6 address from an IPv4 address, and a mechanism to perform Neighbor Discovery on top of IPv4.
by SummerSlumber at Sept. 21, 2020, 12:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SummerSlumber
4 years, 8 months ago
The security policy states that when remote client computers are connected via the Direct Access Tunnel (to the corporate network)they must access the Internet as well, through the corporate network. Split-Tunneling (which is enabled by default on Direct Access) configures the setup so that client computers connect to their corporate network through Direct Access, but if they wish to access the internet, they use their local internet connection to do so. Force-Tunneling configures the setup so that clients access their corporate network data though the DA connection AND they access the internet through it too (basically using the corporate internet connection by proxy through the DA Tunnel). Disabling ISATAP would not do this, as far as I know. Another version of this question has the option “Enable Force Tunneling.” That is the correct answer for that.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel