1. what is TMG server publishing? when would you use that as opposed to server publishing and web publishing?
    • web publishing: http servers, Mapping requests to specific internal paths, Delegation of user credentials, Link translation, SSL bridging, Load balancing
    • server publishing: non-http servers
  2. what would you use for baselining tmg servers?
    system monitor
  3. how do you specify a group of people to only be allowed to use certain protocols?
    user sets in the new access rule wizard
  4. know what kind of things would be impacting SqL or text logging?
    network consumption, log size limit, security, perfrmance, hstorical and offline viewing
  5. what kind of scenario would you forward the original host header? what would be the problem if you didn't?
    to a sharepoint server "this enables SharePoint to differentiate between external requests for which it provides translated links, and internal requests for which it provides internal links"
  6. what logging types use the most and least resources?
    • most - sql server database
    • - sql server express
    • least - file
  7. what authentication types are available for a site to site vpn tunnel?
    ikev2, EAP, mschapv2, chap, pap
  8. what rule would you need to set up to allow web protocols to go through a site to site?
    • pptp 1723
    • l2tp 500
    • sstp 443
  9. what is the highest and lowest level of security, highest and lowest resouce useage for site to site vpn?
    • security resources
    • sstp moderate mid
    • pptp moderate least
    • l2tp high most
  10. what are the traffic profile mappings for TMG?
    Network mapping, application mapping, protocol mapping
  11. what kind of CA would you use for bridging https from the perimeter?
    "To satisfy this requirement you need to acquire a certificate and install it on TMG so that you can associate this certificate with the Web listener that will be used for the Web server publishing rule"
  12. where are the certificates, which ones, and where do you install them to do https and ssl inspection?
    • where - CA and TMG
    • which ones - server, client, root, subordinate, standalone, domain
    • https/ssl
    • "Two kinds of certificates are used in HTTPS (HTTP over SSL) authentication:
    • Server certificates. This certificate contains information about the server that allows a client to identify the server before sharing sensitive information. Client certificates. This certificate contains personal information about the user and identifies the SSL client (the sender) to the server."
  13. get an idea of what kind of information is provided by logs and reports vs session information?
    • logs - any information in any packet, network information, computer information,rule
    • session - current network information
Card Set
TMG, threat management gateway, server 2008, firewall