Microsoft - MS-203: Microsoft 365 Messaging
Sample Questions
Question: 328
Measured Skill: Plan and manage the mail transport architecture (20-25%)
You have a Microsoft Exchange Server 2019 organization. All recipients have an SMTP address in the <alias>@adatum.com format.
You purchase a new domain named contoso.com.
You need to configure all the recipients to have a primary SMTP address in the
<alias>@contoso.com format as soon as possible.
Which three actions should you perform in sequence?
(To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.)
| A | Sequence: 5, 2, 6 |
| B | Sequence: 2, 1, 6 |
| C | Sequence: 3, 4, 6 |
| D | Sequence: 2, 5, 6 |
Correct answer: CExplanation:
First, we need to add contoso.com as an authoritative accepted domain using the Microsoft 365 admin center.
Second, we need to modify the default email address policy to assign contoso.com as the default SMTP domain. This can be done by running the Set-EmailAddressPolicy cmdlet.
Lastly, we need to run the Update-EmailAddressPolicy to apply the updated policy to recipients.
Reference: Set-EmailAddressPolicy
Question: 329
Measured Skill: Plan and implement a hybrid configuration and migration (20-25%)
You have a hybrid deployment of Microsoft Exchange Server 2019.
You need to migrate 500 users to Exchange Online. The details of the users are stored in a file named C:\Users.csv.
How should you complete the PowerShell commands?
(To answer, drag the appropriate cmdlets to the correct targets. Each cmdlet may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)
| A | P1: New-MigrationEndpoint
P2: New-MigrationBatch |
| B | P1: New-MoveRequest
P2: Set-MigrationUser |
| C | P1: New-MoveRequest
P2: Set-MigrationUser |
| D | P1: Set-MigrationConfig
P2: New-MigrationBatch |
| E | P1: Set-MigrationUser
P2: New-MigrationEndpoint |
| F | P1: New-MigrationBatch
P2: New-MoveRequest |
Correct answer: AExplanation:
To move the mailbox data, Exchange Online needs to connect and communicate with the source email system on-premises. To do this, Exchange Online uses a migration endpoint. A migration endpoint is a management object in Exchange Online that contains the connection settings and administrator credentials for the source server that hosts the mailboxes that we want to migrate to Exchange Online.
To create the migration endpoint, we use the New-MigrationEndpoint cmdlet.
The New-MigrationBatch cmdlet is used to submit a new migration request for a batch of users using the previously created endpoint.
References:
New-MigrationEndpoint
New-MigrationBatch
Question: 330
Measured Skill: Secure the messaging environment (20-25%)
You have a Microsoft Exchange Online tenant.
You receive an email that was scanned by Exchange Online Protection (EOP) and contains the following message header.
...BCL:7;CTRY:;LANG:hr;SCL:5;SRV:;IPV:NLI;SFV:SPM;PTR:;CAT:NONE;SFTY:;...
The email was delivered to the Junk Email folder.
You need to identify which value pairs in the header indicate the following:
- The email was not received from a known open relay.
- The email is from a bulk sender.
What should you identify?
(To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.)
| A | The email was not received from a known open relay: BCL:7
The messages is from a bulk sender: SFV:SPM |
| B | The email was not received from a known open relay: BCL:7
The messages is from a bulk sender: SCL:5 |
| C | The email was not received from a known open relay: IPV:NLI
The messages is from a bulk sender: BCL:7 |
| D | The email was not received from a known open relay: SFV:SPM
The messages is from a bulk sender: SCL:5 |
| E | The email was not received from a known open relay: SFV:SPM
The messages is from a bulk sender: BCL:7 |
| F | The email was not received from a known open relay: SCL:5
The messages is from a bulk sender: IPV:NLI |
Correct answer: CExplanation:
In all Microsoft 365 organizations, Exchange Online Protection (EOP) scans all incoming messages for spam, malware, and other threats. The results of these scans are added to the following header fields in messages:
X-Forefront-Antispam-Report: Contains information about the message and about how it was processed.
X-Microsoft-Antispam: Contains additional information about bulk mail and phishing.
Authentication-results: Contains information about SPF, DKIM, and DMARC (email authentication) results.
IPV:NLI signals that the IP address was not found on any IP reputation list. IP reputation measures the behavioral quality of an IP address and how many unwanted requests it sends. If an IP address sends authentic, spam-free emails, it gets a positive IP reputation score.
EOP assigns a bulk complaint level (BCL) to inbound messages from bulk mailers. The BCL is added to the message in an X-header and is similar to the spam confidence level (SCL) that's used to identify messages as spam. A higher BCL indicates a bulk message is more likely to generate complaints (and is therefore more likely to be spam). Microsoft uses both internal and third party sources to identify bulk mail and determine the appropriate BCL.
Bulk mailers vary in their sending patterns, content creation, and recipient acquisition practices. Good bulk mailers send desired messages with relevant content to their subscribers. These messages generate few complaints from recipients. Other bulk mailers send unsolicited messages that closely resemble spam and generate many complaints from recipients. Messages from a bulk mailer are known as bulk mail or gray mail.
Spam filtering marks messages as Bulk email based on the BCL threshold (the default value or a value you specify) and takes the specified action on the message (the default action is deliver the message to the recipient's Junk Email folder).
References:
Anti-spam message headers in Microsoft 365
Bulk complaint level (BCL) in EOP
Question: 331
Measured Skill: Secure the messaging environment (20-25%)
You have a Microsoft Exchange Online tenant that contains public folders.
You need to search all the public folders for items that contain product codes. Users must NOT be able to delete items identified in the search.
What should you do?| A | From the Exchange admin center, create a mail flow rule. |
| B | From the Exchange admin center, start a message trace. |
| C | From the Microsoft 365 Purview compliance center, configure an eDiscovery case. |
| D | From the Microsoft 365 Purview compliance center, configure Endpoint data loss prevention (Endpoint DLP). |
Correct answer: CExplanation:
Microsoft Purview-eDiscovery (Standard) in Microsoft Purview bietet ein einfaches eDiscovery-Tool, mit dem Organisationen Inhalte in Microsoft 365 und Office 365 durchsuchen und exportieren können. Sie können eDiscovery (Standard) auch verwenden, um Inhaltsspeicherorte wie Exchange-Postfächer, SharePoint-Websites, OneDrive-Konten und Microsoft Teams in einem eDiscovery-Haltebereich zu speichern.
Der folgende Microsoft Learn-Artikel enthält weitere Informationen zum Thema:
Erste Schritte mit eDiscovery (Standard) in Microsoft Purview
Question: 332
Measured Skill: Manage organizational settings and resources (30-35%)
You have a Microsoft 365 subscription that contains two groups named Group1 and Group2. The members of the groups need to perform the tasks shown in the following table.
You need to add Group1 and Group2 to role groups to grant users the required permissions.. The solution must use the principle of least privilege.
To which role group should you add each group?
(To answer, drag the appropriate role groups to the correct groups. Each role group may be used once, more than once, or not at all. NOTE: Each correct selection is worth one point.)
| A | Group1: Compliance Management
Group2: Organization Management |
| B | Group1: Hygiene Management
Group2: Records Management |
| C | Group1: Organization Management
Group2: Compliance Management |
| D | Group1: Records Management
Group2: Security Operator |
| E | Group1: Security Operator
Group2: Hygiene Management |
Correct answer: CExplanation:
Every administrator who manages Exchange Online must be assigned at least one or more roles. Administrators might have more than one role because they may perform job functions that span multiple areas in Exchange Online.
To make it easier to assign multiple roles to an administrator, Exchange Online includes role groups. When a role is assigned to a role group, the permissions granted by the role are granted to all the members of the role group. This enables you to assign many roles to many role group members at once. Role groups typically encompass broader management areas, such as recipient management. They're used only with administrative roles, and not end-user roles. Role group members can be Exchange Online users and other role groups.
Members of the Organization Management role group have administrative access to the entire Exchange Online organization and can perform almost any task in Exchange Online.
Members of the Compliance Management role group can configure and manage compliance settings including DLP within Exchange in accordance with their policies.
References:
Permissions in the Microsoft Purview compliance portal
Roles and role groups in the Microsoft 365 Defender and Microsoft Purview compliance portals
Permissions in Exchange Online