If you are given the task of determining where trust relationships are needed, the process is simple. To determine which MCSE 2003 are necessary, complete the following steps:
1.Make a sketch, or examine one, of the sites and the demand-dial interfaces that will be created between the sites. Figure 7-17 shows such a sketch of three Tail-spin Toys sites: New York, San Francisco, and Paris.
2.Examine the certificate issued to the proposed VPN router for each site. You can locate this certificate by adding the Certificates snap-in for the local computer to an MMC console and looking in the Personal certificate store. If you look at the Details property page, the Issuer Information provides the name of the CA that issued the certificate, and the Certification Path property page displays the root CA in the hierarchy.Make a list (List 1) of VPN routers, their site location, and the names of the root CAs you have discovered for each.
3.Make another list (List 2). Start by listing each free A+ practice exams, and then for each VPN router list the sites with which it must have a demand-dial interface. Table 7-9 is the list that corresponds to our example.
4.Use the list created in step 3 (List 1) to determine the root CA certificate identified for each site’s VPN router. Add the root CA certificate name next to the site names in List 2. Table 7-10 is List 2 with this modification.
Do the routers’ certificate stores include all the necessary certificates? Is a copy of the root CA certificate listed as required in List 2 present? Place a check mark beside the certificates that are missing from each router’s store, as shown in Table 7-12. If a certificate that is necessary is present, the demand-dial interface, if properly configured, will be able to connect. If a certificate is missing, it will not. In this example, Routerl (in the New York site) can accept a certificate from Router2 (in the San Francisco site) because it has a match on its list of trusted CAs. Likewise, Router2 can accept a machine certificate from Routerl because there is a match on its list of trusted CAs. However, Router3 (in the Paris site) does not trust any of the CAs that Router 2 can present. A VPN site-to-site free Security+ practice exams connection cannot be made between Router2 and Router3 or between Routerl and Router3.
The free practice tests has been designed for professionals who analyze the business requirements. The autor devote herself to research the problems and knowledge of MCSE Certification.If you have any questions about MCSE,you can comments on the article the autor publiced.