Pop Quiz: Windows 8.1 IPsec Rules
Applies to the "Configure network connectivity" objective of Exam 70-687.
Q: A company's network security team needs to configure a secure communication link between multiple devices on the network.
Which command is used when creating an IPsec rule?
Answer is A. The PowerShell cmdlet used when creating an IPsec rule is New-NetIPsecRule. Get-NetIPsecRule will display an IPsec rule, Set-NetIPsecRule can be used to modify an existing rule, and Copy-NetIPsecRule can be used to copy an entire IPsec rule and associated filters to the same or a different policy store.
Quick Tip: The following command creates a common IPsec rule that could be used in a domain isolation scenario, where incoming traffic is only permitted from other domain member computers. The default main mode negotiation uses Kerberos v5 for computer and user authentication:
PS C:\> New-NetIPsecRule -DisplayName "Domain Isolation Rule" -InboundSecurity Require -OutboundSecurity Request -PolicyStore contoso.com\Domain_Isolation
Reference: Network Security Cmdlets in Windows PowerShell
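The four cmdlets named in the answer, used together for a staged rollout of the domain isolation rule (an added example, not part of the original quiz). It assumes an elevated session on a domain-joined machine with rights to edit the GPO; the pilot GPO name contoso.com\Domain_Isolation_Pilot is hypothetical. Starting in request mode lets you confirm that peers negotiate IPsec before unauthenticated inbound traffic is refused.

```powershell
# Added example: staged domain isolation rollout using the page's rule name and GPO.
$store = 'contoso.com\Domain_Isolation'          # GPO policy store from the page's command
$pilot = 'contoso.com\Domain_Isolation_Pilot'    # hypothetical second GPO, for illustration
$name  = 'Domain Isolation Rule'

# 1. Create the rule in request mode: IPsec is negotiated when the peer supports it,
#    but plaintext traffic is still accepted, so non-compliant hosts are not cut off yet.
New-NetIPsecRule -DisplayName $name `
    -InboundSecurity Request -OutboundSecurity Request `
    -PolicyStore $store

# 2. Read the rule back from the GPO and confirm what was stored.
Get-NetIPsecRule -DisplayName $name -PolicyStore $store |
    Format-List DisplayName, Enabled, InboundSecurity, OutboundSecurity

# 3. On a member computer that has applied the GPO, confirm the rule is in the
#    effective policy and that main mode security associations are being established.
Get-NetIPsecRule -PolicyStore ActiveStore |
    Where-Object DisplayName -eq $name |
    Format-List DisplayName, Enabled, InboundSecurity, OutboundSecurity
Get-NetIPsecMainModeSA | Format-List

# 4. Once peers are negotiating successfully, tighten the existing rule to the
#    settings shown in the Quick Tip: require inbound, request outbound.
Set-NetIPsecRule -DisplayName $name -PolicyStore $store `
    -InboundSecurity Require -OutboundSecurity Request

# 5. Copy the finished rule, with its associated filters, to another policy store.
Copy-NetIPsecRule -DisplayName $name -PolicyStore $store -NewPolicyStore $pilot
```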
Bonus Question: Can Windows 7, Windows 8, and Windows 8.1 devices all be connected to the same HomeGroup? (The answer, of course, will be revealed next time!)
Answer to bonus question from last week:
The command that can be used to view all wireless profiles on a Windows 8.1 device is netsh wlan show profiles.
About the Author
Andy Barkl, MCT/MCITP/MCSA, A+, Network+, Security+, CCNA has been studying technology for 30 years. Of the last 15 years, he has spent much of his time imparting the knowledge and experience he has gained through IT exams, over 300, to help others be prepared and successful. He teaches classes in Phoenix, Ariz., where he has lived most of his life. He can be reached by e-mail at [email protected]