Skip Navigation Links
 

Microsoft - MS-203: Microsoft 365 Messaging

Sample Questions

Question: 236
Measured Skill: Secure the messaging environment (20-25%)

You have a Microsoft Exchange Online tenant that contains a user named User1. User1 has a retention policy to delete Inbox messages after 30 days.

User1 is going on extended leave and requires that the Inbox messages be retained during the user's absence.

You need to temporarily suspend the processing of the Inbox messages for User1.

How should you complete the command?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ASet-CASMailbox "User1" -ECPEnabled $true
B Set-Mailbox "User1" -RetentionEnabled $true
C Set-Mailbox "User1" -RetentionHoldEnabled $true
D Set-OutlookProtectionRule "User1" -ElcProcessingDisabled $true
E Set-RetentionPolicy "User1" -RetentionEnabled $true
F Set-RetentionPolicy "User1" -ECPEnabled $true

Correct answer: C

Explanation:

To meet individual, IT, or business requirements, you may need to turn off or temporarily suspend messaging records management (MRM) for an individual user or for a Mailbox server. Reasons you may need to turn off or suspend MRM include:

  • If a mailbox user is away from the office or is otherwise unable to access e-mail, you can temporarily disable MRM for the mailbox by placing it on retention hold. When a mailbox is on retention hold, it's no longer processed by the Managed Folder Assistant. When the mailbox user returns or is able to access the mailbox again, you can remove the retention hold from the mailbox.

  • If you need to test or troubleshoot performance issues, you can temporarily turn off MRM on that server by clearing the schedule for the Managed Folder Assistant.

  • If you need to remove a retention tag from mailboxes (which have a retention policy with that tag applied), you can remove the tag from the policy.

  • If you want a retention policy or a managed folder mailbox policy to no longer apply to a mailbox, you can remove the policy from the mailbox.

  • If your organization decides not to use MRM features, you can turn off MRM permanently for the entire organization. If you later decide to deploy MRM, you have the ability to do so.

You can place mailboxes on retention hold to turn off MRM temporarily (for example when users are on vacation). This suspends the processing of retention policies for the mailbox until retention hold is disabled. This is different from placing mailboxes on In-Place Hold or litigation hold.

This example places Michael Allen's mailbox on retention hold.

Set-Mailbox "Michael Allen" -RetentionHoldEnabled $true

References:

Turn off or suspend messaging records management

Place a mailbox on retention hold



Question: 237
Measured Skill: Manage organizational settings and resources (30-35%)

You have a Microsoft Exchange Server 2019 organization.

The recovery options for a user named User1 are configured as shown in the following exhibit.



Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AEmail messages that are soft deleted by User1 will be available for the user to recover for 14 days.
When email messages are hard deleted by User1, the messages can be recovered only by restoring from a backup.
B Email messages that are soft deleted by User1 will be available for the user to recover for 14 days.
When email messages are hard deleted by User1, an administrator or User1 can recover the messages without restoring from a backup.
C Email messages that are soft deleted by User1 will be available for the user to recover for 30 days.
When email messages are hard deleted by User1, the messages can be recovered only by restoring from a backup.
D Email messages that are soft deleted by User1 will be available for the user to recover for 30 days.
When email messages are hard deleted by User1, only an administrator can recover the messages without restoring from a backup.
E Email messages that are soft deleted by User1 will be available for the user to recover until a backup occurs.
When email messages are hard deleted by User1, only an administrator can recover the messages without restoring from a backup.
F Email messages that are soft deleted by User1 will be available for the user to recover until a backup occurs.
When email messages are hard deleted by User1, an administrator or User1 can recover the messages without restoring from a backup.

Correct answer: A

Explanation:

The RetainDeletedItemsFor parameter of the Set-Mailbox cmdlet specifies the length of time to keep soft-deleted items for the mailbox. Soft-deleted items are items that have been deleted by using any of these methods:

  • Deleting items from the Deleted Items folder.
  • Selecting the Empty Deleted Items Folder action.
  • Deleting items using Shift + Delete.

These actions move the items into the Recoverable Items\Deletions folder.

Before the deleted item retention period expires, users can recover soft-deleted items in Outlook and Outlook on the web by using the Recover Deleted Items feature.

The DeletedItemRetention parameter of the Set-MailboxDatabase cmdlet specifies the length of time to keep deleted items in the Recoverable Items\Deletions folder in mailboxes. Items are moved to this folder when the user deletes items from the Deleted Items folder, empties the Deleted Items folder, or deletes items by using Shift+Delete.

This setting applies to all mailboxes in the database that don't have their own deleted item retention value configured. If a specific mailbox has its own item retention set, that value is used instead of this value, which is set on the mailbox database.

Soft-deleted and hard-deleted items

When a user deletes a mailbox item (such as an email message, a contact, a calendar appointment, or a task), the item is moved to the Recoverable Items folder, and into a subfolder named "Deletions". This is referred to as a soft deletion. How long deleted items are kept in the Deletions folder depends on the deleted item retention period that is set for the mailbox. An Exchange Online mailbox keeps deleted items for 14 days by default, but Exchange Online administrators can change this setting to increase the period up to a maximum of 30 days. Users can recover, or purge, deleted items before the retention time for a deleted item expires. To do so, they use the Recover Deleted Items feature in Microsoft Outlook or Outlook on the web.

If a user purges a deleted item by using the Recover Deleted Items feature in Outlook or Outlook on the web, this is known as a hard deletion. In Exchange Online, single item recovery is enabled by default when a new mailbox is created, so an administrator can still recover hard-deleted items before the deleted item retention period expires. Also, if a message is changed by a user or a process, copies of the original item are also retained when single item recovery is enabled.

References:

Set-Mailbox

Set-MailboxDatabase



Exchange Online data deletion in Microsoft 365



Question: 238
Measured Skill: Secure the messaging environment (20-25%)

Your company has a Microsoft 365 subscription. All users are assigned Microsoft 365 E5 licenses.

The users receive email messages that appear to come from managers at the company. However, the messages are not from the managers and often include links to malicious websites.

You need to provide a solution to protect the mailboxes of the managers and to inform the users when phishing occurs.

Which two settings should you modify in the anti-phishing policy?

(To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

APhishing threshold
B Impersonated user protection
C Impersonated domain protection
D Trusted impersonated senders and domains
E If message is detected as an impersonated user
F User impersonation safety tip

Correct answer: B, F

Explanation:

Spoofing is a common technique that's used by attackers. Spoofed messages appear to originate from someone or somewhere other than the actual source. This technique is often used in phishing campaigns that are designed to obtain user credentials. The anti-spoofing technology in EOP specifically examines forgery of the From header in the message body (used to display the message sender in email clients). When EOP has high confidence that the From header is forged, the message is identified as spoofed.

To protect the managers' email addresses from beeing spoofed, we have to configure the managers as protected users. 

To inform the users when phishing occurs, we have to configure the user impersonation action to display a safety tip to recipients of the message.

References:

Anti-phishing policies in Microsoft 365

Anti-spoofing protection in EOP



Question: 239
Measured Skill: Secure the messaging environment (20-25%)

You have a Microsoft 365 E5 tenant that contains two Azure Active Directory (Azure AD) security groups named Finance and Marketing.

The tenant contains the users and devices shown in the following table.



The devices are configured as shown in the following table.



A conditional access policy is configured as shown in the following exhibit.



From Microsoft Exchange Online PowerShell, you run the following cmdlet.

Set-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default -ConditionalAccessPolicy ReadOnly

All the users connect to Exchange Online by using Outlook on the web.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

(NOTE: Each correct selection is worth one point.)

www.cert2brain.com

AWhen using Outlook on the web, User1 can only view email attachments: Yes
When using Outlook on the web, User2 can only view and print email attachments: Yes
When using Outlook on the web, User3 can view, download, and print email attachments: Yes
B When using Outlook on the web, User1 can only view email attachments: Yes
When using Outlook on the web, User2 can only view and print email attachments: Yes
When using Outlook on the web, User3 can view, download, and print email attachments: No
C When using Outlook on the web, User1 can only view email attachments: Yes
When using Outlook on the web, User2 can only view and print email attachments: No
When using Outlook on the web, User3 can view, download, and print email attachments: Yes
D When using Outlook on the web, User1 can only view email attachments: No
When using Outlook on the web, User2 can only view and print email attachments: Yes
When using Outlook on the web, User3 can view, download, and print email attachments: No
E When using Outlook on the web, User1 can only view email attachments: No
When using Outlook on the web, User2 can only view and print email attachments: No
When using Outlook on the web, User3 can view, download, and print email attachments: Yes
F When using Outlook on the web, User1 can only view email attachments: No
When using Outlook on the web, User2 can only view and print email attachments: No
When using Outlook on the web, User3 can view, download, and print email attachments: No

Correct answer: C

Explanation:

The ConditionalAccessPolicy parameter of the Set-OwaMailboxPolicy cmdlet specifies the Outlook on the Web Policy for limited access. For this feature to work properly, you also need to configure a Conditional Access policy in the Azure Active Directory Portal.

Valid values are:

  • Off: No conditional access policy is applied to Outlook on the web. This is the default value.
  • ReadOnly: Users can't download attachments to their local computer, and can't enable Offline Mode on non-compliant computers. They can still view attachments in the browser.
  • ReadOnlyPlusAttachmentsBlocked: All restrictions from ReadOnly apply, but users can't view attachments in the browser.

Limit access to Exchange Online from Outlook on the web

You can restrict the ability for users to download attachments from Outlook on the web on umnanaged devices. Users on these devices can view and edit these files using Office Online without leaking and storing the files on the device. You can also block users from seeing attachments on an unmanaged device.

Here are the steps:

  1. Connect to an Exchange Online Remote PowerShell session.

  2. If you don't already have an OWA mailbox policy, create one with the New-OwaMailboxPolicy cmdlet.

  3. If you want to allow viewing of attachments but no downloading, use this command:

    Set-OwaMailboxPolicy -Identity Default -ConditionalAccessPolicy ReadOnly

  4. If you want to block attachments, use this command:

    Set-OwaMailboxPolicy -Identity Default -ConditionalAccessPolicy ReadOnlyPlusAttachmentsBlocked

  5. In the Azure portal, create a new Conditional Access policy with these settings:

    Assignments > Users and groups: Select appropriate users and groups to include and exclude.

    Assignments > Cloud apps or actions > Cloud apps > Include > Select apps: Select Office 365 Exchange Online

    Access controls > Session: Select Use app enforced restrictions

The restrictions from the conditional access policy apply to User1 only. User1 is a member of the Finance group and uses an unmanaged non-compliant device.

References:

Set-OwaMailboxPolicy

Limit access to Exchange Online from Outlook on the web

Conditional Access in Outlook on the web for Exchange Online



Question: 240
Measured Skill: Plan and manage the mail architecture (20-25%)

You have a Microsoft Exchange Online tenant.

You need to create a report to display messages that have a delivery status of Quarantined.

From the modern Exchange admin center, you create a new message trace.

How should you configure the message trace?

(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)

www.cert2brain.com

ATime range: Last 15 days
Report type: Extended report
B Time range: Last 7 days
Report type: Extended report
C Time range: Last 7 days
Report type: Summary report
D Time range: Last 30 days
Report type: Summary report
E Time range: Last 90 days
Report type: Enhanced summary report
F Time range: Last 30 days
Report type: Enhanced summary report

Correct answer: C

Explanation:

Message trace in the modern Exchange admin center (modern EAC) follows email messages as they travel through your Exchange Online organization. You can determine if a message was received, rejected, deferred, or delivered by the service. It also shows what actions were taken on the message before it reached its final status.

Message trace in the modern EAC improves upon the original message trace that was available in the classic Exchange admin center (classic EAC). You can use the information from message trace to efficiently answer user questions about what happened to messages, troubleshoot mail flow issues, and validate policy changes.

The Extended Summary Report and the Enhanced summary report support only downloadable CSV-files. The summary report supports instant online access but is restricted to a search period of a maximum of 10 days.

Reference: Message trace in the modern Exchange admin center





 
Tags: exam, examcollection, exam simulation, exam questions, questions & answers, training course, study guide, vce, braindumps, practice test
 
 

© Copyright 2014 - 2022 by cert2brain.com