RAS question

Essendon

Question 36 from proprofs.com

Your company intends to bring in the usage of smart card for authentication. They also plan to implement VPN in between offices with IPSec on Windows Server 2003 environment using the Microsoft?s default tunneling protocol. You are required to plan the entire setup such that the existing remote clients are also accommodated in this scenario. What should you do? Each choice represents a part of the solution. Choose all that apply to complete the solution.
A. Implement RADIUS on the network
B. Implement Certificate Servers for authenticating smart card users.
C. Configure Extensible Authentication Protocol -Transport Level Security (EAP-TLS) on the VPN server.
D. Nothing. The existing scenario is all ready for the new changes required

C is obviously correct. B is incorrect because the it isnt the certificate servers that authenticate clients. D is crap. The question doesnt ask for centralising policy/client management, so A is incorrect too.

They reckon A and C. A is logically correct but isnt what the question asks. Please help.

P.S. Has someone else used proprofs.com? Questions are just alright, not as convoluted as the ones Transcender has or like some at the back of the blue book. Also some questions are poorly worded, and I had to decrypt what they were trying to say...

dynamik

I wouldn't worry about it. They probably should have mentioned something along the lines of simplified administration, centralized AAA, etc. As long as you understand when you would or wouldn't want to use IAS, that's all that matters.