- 5 views
Exam
Answer needs confirmation
Question
You have a server that runs Windows Server. The server is configured to encrypt all incoming traffic by using a connection security rule.
You need to ensure that Server1 can respond to the unencrypted tracert commands initiated from computers on the same network.
What should you do from Windows Defender Firewall with Advanced Security?
Proposed answer
- A. From the IPsec Settings, configure IPsec defaults.
- B. Create a new custom outbound rule that allows ICMPv4 protocol connections for all profiles.
- C. Change the Firewall state of the Private profile to Off.
- D. From the IPsec Settings, configure IPsec exemptions.
Suggested answer
- D. From the IPsec Settings, configure IPsec exemptions.
xxxxx85xx
Highly Voted 2 years, 8 months ago
Correct Answer "IPSec exemptions change Exempt ICMP from IPSec to Yes. Use this setting to prevent ICMP (Ping and Tracert) messages from being authenticated, encrypted, or both. Keeping ICMP messages unprotected allows you to perform basic network troubleshooting when IPSec cannot be successfully negotiated."
upvoted 8 times
starseed
Most Recent 3 months ago
From the IPsec Settings, configure IPsec exemptions is correct
upvoted 1 times
FormaPlom
1 year, 1 month ago
Selected Answer: D
Correct!
upvoted 1 times
syu31svc
1 year, 7 months ago
Selected Answer: D
"respond to the unencrypted tracert commands" IPsec defaults are about secured connections so A is wrong B is wrong since it is outbound but respond would mean inbound C is plain invalid D is correct
upvoted 2 times
AvoKikinha
2 years, 7 months ago
Selected Answer: D
Agree D)
upvoted 2 times