Skip Navigation Links
 

Microsoft - 70-345: Designing and Deploying Microsoft Exchange Server 2016

Sample Questions

Question: 152
Measured Skill: Plan, deploy, and manage an Exchange infrastructure, recipients, and security (15–20%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to recommend a solution that meets the security requirements for outbound email delivery.

What should you recommend?

AMicrosoft Azure Information Protection
B Data Loss Prevention (DLP) policies
C Outlook protection rules
D Active Directory Rights Management Services (AD RMS)

Correct answer: A

Explanation:

The case study states:

Users in the research and development department must be able to encrypt documents sent to external users. The encrypted email messages must never be forwarded by the external recipients.

Since the encrypted email messages must be sent to external users, Azure RMS is better than local AD RMS.

The Microsoft Azure Information Protection technology uses Azure Rights Management (often abbreviated to Azure RMS). This technology is integrated with other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory. It can also be used with your own line-of-business applications and information protection solutions from software vendors, whether these applications and solutions are on-premises, or in the cloud.

This protection technology uses encryption, identity, and authorization policies. Similarly to the labels that are applied, protection that is applied by using Rights Management stays with the documents and emails, independently of the location—inside or outside your organization, networks, file servers, and applications. This information protection solution keeps you in control of your data, even when it is shared with other people.

For example, you can configure a report document or sales forecast spreadsheet so that it can be accessed only by people in your organization, and control whether that document can be edited, or restricted to read-only, or prevent it from being printed. You can configure emails similarly, and also prevent them from being forwarded or prevent the use of the Reply All option.

These protection settings can be part of your label configuration, so that users both classify and protect documents and emails simply by applying a label. However, the same protection settings can also be used by applications and services that support protection, but not labeling. For these applications and services, the protection settings become available as Rights Management templates.

Question: 153
Measured Skill: Plan, deploy, manage, and troubleshoot mailbox databases (15–20%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You plan to configure the Exchange organization for site failover.

You need to recommend how many certificates must be deployed to meet the availability requirements and the security requirements.

What is the minimum number of certificates you should recommend deploying?

Aone
B two
C three
D four

Correct answer: A

Explanation:

The Availability Requirements states:

The site resilience solution must follow the bound namespace model.

The Exchange organization uses the namespaces mail.litware.com and autodiscover.litware.com.

There are no unique or special design considerations for certificates when deploying a DAG in a single datacenter. However, when extending a DAG across multiple datacenters in a site resilient configuration, there are some specific considerations with respect to certificates. Generally, your certificate design will depend on the clients in use, as well as the certificate requirements by other applications that use certificates. But there are some specific recommendations and best practices you should follow with respect to the type and number of certificates.

As a best practice, you should minimize the number of certificates you use for your Exchange servers and reverse proxy servers. We recommend using a single certificate for all of these service endpoints in each datacenter. This approach minimizes the number of certificates that are needed, which reduces both cost and complexity for the solution.

For Outlook Anywhere clients, we recommend that you use a single subject alternative name (SAN) certificate for each datacenter, and include multiple host names in the certificate. To ensure Outlook Anywhere connectivity after a database, server, or datacenter switchover, you must use the same Certificate Principal Name on each certificate, and configure the Outlook Provider Configuration object in Active Directory with the same Principal Name in Microsoft-Standard Form (msstd). For example, if you use a Certificate Principal Name of mail.contoso.com, you would configure the attribute as follows.

Set-OutlookProvider EXPR -CertPrincipalName "msstd:mail.contoso.com"

Some applications that integrate with Exchange have specific certificate requirements that may require using additional certificates. Exchange 2016 can co-exist with Office Communications Server (OCS). OCS requires certificates with 1024-bit or greater certificates that use the OCS server name for the Certificate Principal Name. Because using an OCS server name for the Certificate Principal Name would prevent Outlook Anywhere from working properly, you would need to use an additional and separate certificate for the OCS environment.

Question: 154
Measured Skill: Plan, deploy, and manage compliance, archiving, eDiscovery, and auditing (10–15%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to build a command to meet the compliance requirements for the regulation auditors.

How should you complete the command?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ANew-MailboxAuditLogSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $False
B New-ComplianceSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $False
C New-MailboxAuditLogSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $Null
D Start-ComplianceSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $Null
E Set-MailboxSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $True
F New-ComplianceSearch -Name "Auditors" -ExchangeLocation "Research and Development" -AllowNotFoundExchangeLocationsEnabled $True

Correct answer: F

Explanation:

The Compliance Requirements states:

  • Each week, a team of regulation auditors must review the email messages sent and received by all the research and development department users.
  • The regulation auditors must be able to review the email messages of mailboxes placed on Litigation Hold.
  • The regulation auditors must be able to gain quick access to the email messages.
The new Compliance Search feature in Exchange 2016 allows you to search all mailboxes in your organization. Unlike In-Place eDiscovery where you can search up to 10,000 mailboxes, there are no limits for the number of target mailboxes in a single search. For scenarios that require you to perform organization-wide searches, you can use the New-ComplianceSearch cmdlet to search all mailboxes. Then you can use the workflow features of In-Place eDiscovery to perform other eDiscovery-related tasks, such as placing mailboxes on hold and exporting search results.

Here's an example of using the New-ComplianceSearch cmdlet to search all mailboxes in your organization. The search query returns all messages sent between October 1, 2015 and October 31, 2015 and that contain the phrase "financial report" in the subject line. The first command creates the search, and the second command runs the search.

New-ComplianceSearch -Name "Search All-Financial Report" -ExchangeLocation all -ContentMatchQuery 'sent>=01/01/2015 AND sent<=06/30/2015 AND subject:"financial report"'

Start-ComplianceSearch -Identity "Search All-Financial Report"

See also: New-ComplianceSearch

Question: 155
Measured Skill: Plan, deploy, and manage compliance, archiving, eDiscovery, and auditing (10–15%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You plan to create a new mailbox for the auditing department.

You need to recommend which task must be performed immediately after the mailbox is created. The solution must meet the compliance requirements.

What should you recommend?

AEnable an archive for the new mailbox.
B Place the new mailbox on Litigation Hold.
C Run the Set-Mailbox cmdlet.
D Run the Start-ManagedFolderAssistant cmdlet.

Correct answer: C

Explanation:

The Compliance Requirements state:

Any new mailbox created for the auditing department must have a retention policy named Audit immediately applied manually after the mailbox is created.

We need to run the Set-Mailbox cmdlet and specify the -RetentionPolicy parameter to apply the retention policy.

Question: 156
Measured Skill: Plan, deploy, and manage an Exchange infrastructure, recipients, and security (15–20%)
Note: This questions is based on a case study. The case study is not shown in this demo.

You need to assign user roles to two administrative users to meet the following requirements:
  • A user named AdminUser1 must be able to reset user account passwords.
  • A user named AdminUser2 must be able to create retention policies and message classifications.
The solution must meet the security requirements.

To which role should you assign each user?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AAdminUser1: Recipient Management
AdminUser2: Organization Management
B AdminUser1: Help Desk
AdminUser2: Records Management
C AdminUser1: Server Management
AdminUser2: Recipient Management
D AdminUser1: Records Management
AdminUser2: Organization Management

Correct answer: B

Explanation:

Microsoft Exchange Server 2016 includes a huge bundle of predefined permissions, based on the Role Based Access Control (RBAC) permission model, which can be used straightaway to grant permissions to administrators and users based on the requirements.

A Role defines a set of tasks that an Administrator or a user can perform, the Role based permissions in Exchange 2016 includes Admin Roles and End-User Roles.

Members of the Help Desk role group can view and manage the configuration for individual recipients and view recipients in an Exchange organization. Members of this role group can only manage the configuration each user can manage on his or her own mailbox. Additional permissions can be added by assigning additional management roles to this role group.

Members of the Records Management role group can configure compliance features such as retention policy tags, message classifications, transport rules, and more.



 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2019 by cert2brain.com