Advanced Solutions of Microsoft Exchange Server 2013
Question No: 11 – (Topic 2)
You need to recommend a solution to ensure that the store managers meet the compliance requirements.
What should you include in the recommendation?
Retention tags and retention policies
Deleted item retention
An in-place hold
Answer: C Explanation:
Scenario: All store managers must be prevented from permanently deleting email
messages from their Inbox.
In Exchange 2013, you can use In-Place Hold to accomplish the following goals: Place user mailboxes on hold and preserve mailbox items immutably
Preserve mailbox items deleted by users or automatic deletion processes such as MRM
Preserve items indefinitely or for a specific duration Etc.
Reference: n-Place Hold and Litigation Hold
Question No: 12 – (Topic 2)
You need to recommend a solution for the memos. The solution must meet the compliance requirements.
What should you include in the recommendation?
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Information Rights Management (IRM)
Data loss prevention (DLP) policies
Answer: B Explanation:
Scenario: Management occasionally sends the staff internal memos that contain confidential information, such as sales figures. The memos must be protected so that unauthorized users cannot read the memos and internal users cannot forward the memos to external recipients.
With the IRM features in Exchange 2013, your organization and your users can control the rights recipients have for e-mail. IRM also helps allow or restrict recipient actions such as forwarding a message to other recipients, printing a message or attachment, or extracting message or attachment content by copying and pasting. IRM protection can be applied by users in Microsoft Outlook or Microsoft Office Outlook Web App, or it can be based on your organization#39;s messaging policies and applied using transport protection rules or Outlook protection rules.
Reference: Information Rights Management
Question No: 13 – (Topic 2)
You deploy a new certificate to a Client Access server.
You test the new certificate by using Outlook Anywhere from the Internet. The test generates certificate errors.
You need to prevent the errors from reoccurring.
To which two stores should you add the root CA certificate? (Each correct answer presents part of the solution. Choose two.)
the personal store on the client computers
the personal store on the Client Access server
the personal store on the Mailbox servers
the Trusted Root Certification Authorities store on the client computers
the Trusted Root Certification Authorities store on the Client Access server
the Trusted Root Certification Authorities store on the Mailbox servers
Answer: D,E Explanation:
D: Outlook Anywhere won#39;t work with a self-signed certificate on the Client Access server. Self-signed certificates must be manually copied to the trusted root certificate store on the client computer or mobile device. When a client connects to a server over SSL and the server presents a self-signed certificate, the client will be prompted to verify that the certificate was issued by a trusted authority. The client must explicitly trust the issuing authority. If the client confirms the trust, then SSL communications can continue.
E: If you are providing external access to Autodiscover by using Outlook Anywhere you must install a valid SSL certificate on the Client Access server.
Question No: 14 DRAG DROP – (Topic 2)
You need to recommend a solution to meet the compliance requirements for the research department and the statutory holidays.
What should you recommend configuring?
To answer, drag the appropriate object to the correct location in the answer area. Each object may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Question No: 15 – (Topic 2)
You need to recommend a solution to meet the compliance requirement for the legal department.
What should you include in the recommendation?
A retention hold
The Discovery Management management role group
A litigation hold
The Recipient Management management role group
Answer: B Explanation:
Scenario: The legal department must be able to search for messages in all of the mailboxes.
Administrators or users who are members of the Discovery Management role group can perform searches of mailboxes in the Exchange organization for data that meets specific criteria and can also configure litigation holds on mailboxes.
Question No: 16 – (Topic 2)
You need to recommend a solution to ensure that during the planned migrations, all Autodiscover requests are processed by the Exchange Server 2013 Client Access servers.
What should you recommend?
On the Exchange Server 2007 Client Access servers, modify the AutodiscoverServiceInternalURI.
On the Exchange Server 2007 Client Access servers, modify the ExternalURL value of the Autodiscover virtual directory.
On the Exchange Server 2013 Client Access servers, modify the ExternalURL value of the Autodiscover virtual directory.
On the Exchange Server 2013 Client Access servers, modify the AutodiscoverServiceInternalURI.
Answer: A Explanation:
The Exchange Server 2007 Client Access servers must be configured to use the Exchange Server 2013 Client Access server. We do this by setting the AutodiscoverServiceInternalURI property.
Question No: 17 – (Topic 2)
You need to recommend a solution for the voice mail traffic. The solution must meet the technical requirements.
Which two configurations should you include in the recommendation? (Each correct answer presents part of the solution. Choose two.)
A dial plan.
A server certificate
A transport rule
A data loss prevention (DLP) policy
A call answering rule
Answer: A,B Explanation:
Scenario: Voice mail traffic between the telephone system and the Exchange Server environment must be encrypted.
A: Use the EAC to configure Protected Voice Mail from authenticated callers
->In the EAC, navigate to Unified Messaging gt; UM dial plans. In the list view, select the UM dial plan you want to modify, and then click Edit.
->On the UM Dial Plan page, under UM Mailbox Policies, select the UM mailbox policy you want to manage, and then click Edit.
->On the UM Mailbox Policy page gt; Protected voice mail, under Protect voice message from authenticated callers, select one of the following options:
In on-premises and hybrid deployments, you can configure a Client Access and Mailbox server to use mutual Transport Layer Security (mutual TLS) to encrypt the SIP and RTP traffic sent and received from other devices and servers. When you configure the dial plan to use SIP secured mode, only the SIP signaling traffic will be encrypted, and the RTP media channels will still use TCP, which isn’t encrypted. However, when you configure the dial plan to use Secured mode, both the SIP signaling traffic and the RTP media channels are encrypted. An encrypted signaling media channel that uses Secure Realtime Transport Protocol (SRTP) also uses mutual TLS to encrypt the VoIP data.
When you’re deploying Transport Layer Security (TLS) with UM, the certificates that are used on the Client Access server and the Mailbox server both must contain the local computer#39;s fully qualified domain name (FQDN) in the certificate’s Subject Name. To work around this issue, use a public certificate and import the certificate on all Client Access and Mailbox servers, any VoIP gateways, IP PBXs, and all the Lync servers.
Question No: 18 HOTSPOT – (Topic 2)
You need to recommend a database availability group (DAG) design that meets the technical requirements.
Which DAG design should you recommend?
To answer, select the appropriate design in the answer area.
Question No: 19 – (Topic 2)
You are creating a contingency plan to be implemented if the entire New York site fails after Exchange Server 2013 is deployed.
You need to recommend which tasks must be performed to ensure that all of the users can access Outlook Web App from the Chicago site if the New York fails.
Which three actions should you recommend? (Each correct answer presents part of the solution. Choose three.)
On the Client Access server in the Chicago site, set the ExternalURL of Outlook Web App to mail.adatum.com.
On the Mailbox server in the Chicago site, set the ExternalURL of Outlook Web App to mail.adatum.com.
Modify the host (A) record for mail.adatum.com to point to the Client Access server in the Chicago site.
On the Client Access server in the Chicago site, set the internal URL of Outlook Web App to mail.adatum.local.
Install the mail.adatum.com certificate and private key on the Client Access server in the Chicago site.
Answer: A,C,E Explanation:
A: Example: To configure an external URL for Outlook Web App, run the following command in Exchange Management Shell.
Set-OwaVirtualDirectory quot;lt;CAS2013gt;\OWA (Default Web Site)quot; -ExternalUrl https://mail.contoso.com/OWA
C: Need a new record in the DNS.
E: In Exchange 2013, you can use the Certificate Wizard to request a digital certificate from a certification authority. After you’ve requested a digital certificate, you’ll need to install it on the Client Access server.
Reference: Exchange 2013 Client Access server configuration
Topic 3, Contoso Ltd Overview
Contoso, Ltd., is an aerospace engineering company that manufactures jet engine parts for various industries and government agencies. Contoso has an Exchange Server 2013 organization.
A partner company named Tailspin Toys has an Exchange Server 2010 organization.
Contoso has two offices. The offices are located in Montreal and Chicago.
Each office contains a data center:
->The Montreal and Chicago offices connect to each other by using a direct WAN link.
->All connections to the Internet are routed through the Montreal office.
->Most of Contoso#39;s employees work from the Montreal office.
The network of Contoso is configured as shown in the exhibit. (Click the Exhibit button.)
The network of Contoso contains the following components:
->Client computers that run either Microsoft Outlook 2007 or Outlook 2010.
->Users who have a primary SMTP address that uses the contoso.com suffix.
->A retention policy that retains all email messages for 580 days and is associated to all users.
->Six servers that have Exchange Server installed. The servers are configured as shown in the following table.
->A data availability group (DAG) named DAG1 that contains all of the mailbox servers. EX5 is configured as the witness server for DAG1. A file server in the Chicago office is configured as an alternate witness server. DAG1 has Datacenter Activation Coordination (DAC) mode enabled.
Requirements Planned Changes
Contoso plans to implement the following changes:
->Implement an organization relationship between Contoso and Tailspin Toys.
->Move the mailboxes of all the members of the sales department to Office 365.
->Evaluate Unified Messaging (UM) by conducting a small pilot in the Montreal office.
Contoso identifies the following security requirements:
->Ensure that the data in the Exchange Server databases cannot be read if a hard disk is stolen.
->Prevent temporary employees from executing a Reply All or a Forward of any
email messages they receive.
->Prevent temporary contractors from changing the configurations of the user accounts for the users in the research and development department.
->Ensure that all of the connections to Outlook Web App from the Internet use Extensible Authentication Protocol (EAP) protocols and Transport Layer Security (TLS) protocols.
->Secure all of the email messages from the users at Tailspin Toys to the Contoso users. Ensure that all of the messages can be secured if the certificates at Tailspin Toys are issued by a trusted third-party certification authority (CA).
Contoso identifies the following requirements for auditing mailboxes:
->The manager of the legal department must receive a daily report by email that contains a record of all the eDiscovery mailbox searches.
->Any access to a mailbox by a service account must be excluded from the daily report.
All of the email messages in the Sent Items folder of each user in the marketing department of Contoso must be deleted automatically after 365 days.
Office 365 Coexistence Requirements
Contoso identifies the following Office 365 coexistence requirements:
->Office 365 users must be able to access their mailbox by using their Active Directory user account in Contoso.
->On-premises users must be able to share free/busy information and calendar information with the Office 365 users.
Question No: 20 – (Topic 3)
You implement the UM pilot.
You capture and analyze a network trace from the IP-PBX.
You discover that SIP/MTLS requests for TCP 5061 to EX1 are dropped.
You need to ensure that the IP-PBX can route calls successfully to the Exchange Server 2013 organization.
What should you do?
Modify the IP-PBX to route calls to EX5 and EX6.
Modify the port used on the IP-PBX.
Modify the SIP listening port on EX1.
Deploy a server that has Exchange Server 2010 and the Unified Messaging server role installed.
EnsurePass ExamCollection Testking Lowest Price Guarantee Yes No No Up-to-Dated Yes No No Real Questions Yes No No Explanation Yes No No PDF VCE Yes No No Free VCE Simulator Yes No No Instant Download Yes No No