Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. (Topic 6)
You have an Exchange Server 2013 organization that has a hybrid deployment with Microsoft Office 365. The hybrid deployment use Active Directory Federation Services (AD FS) 3.0.
You need to ensure that only Exchange ActiveSync devices are allowed to access Office 365 services from outside of the organization.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Create a Mobile Device Mailbox Policy.
B. Update the Office 365 Identify Platform relying party trust.
C. Add claims rules to the Active Directory claims provider trust.
D. Update the Office mobile device policy.
E. Add an Active Directory Identify Platform relying party trust.
Answer: C
Explanation:
C: Step 1: Add claim rules to the Active Directory Claims Provider trust Block all external access to Office 365 except Exchange ActiveSync
The following example allows access to all Office 365 applications, including Exchange Online, from internal clients including Outlook. It blocks access from clients residing outside the corporate network, as indicated by the client IP address, except for Exchange ActiveSync clients such as smart phones. The rule set builds on the default Issuance Authorization rule titled Permit Access to All Users. Use the following steps to add an Issuance Authorization rule to the Office 365 relying party trust using the Claim Rule Wizard: (steps omitted).
B: Step 2: Update the Microsoft Office 365 Identity Platform relying party trust
Reference: Limiting Access to Office 365 Services Based on the Location of the Client
https://technet.microsoft.com/en-us/library/hh526961(v=ws.10).aspx
Q2. (Topic 6)
You have an Exchange Server 2013 organization that contains the servers configured as shown in the following table.
All of the Exchange servers run Windows Server 2012 R2 and are members of a database availability group (DAG) named DAG1. Each server has a copy of all the mailbox databases. DAG1 is configured to have a cluster administrative access point. The file share witness is located in Site A.
EX5 fails and is taken offline permanently.
You need to identify the maximum number of Mailbox servers that can fail simultaneously without affecting the mailbox access of the users.
How many servers should you identify?
A. 2
B. 3
C. 4
D. 5
Answer: A
Q3. (Topic 6)
You have an Exchange Server organization. The organization contains servers that have either Exchange Server 2010 or Exchange Server 2013 installed.
You hire a new helpdesk technician named helpdesk1. Helpdesk1 is a member of the Recipient Management management role group.
You discover that helpdesk1 created nine new mailbox-enabled users by using the New-Mailbox command.
You need to identify which management role provides helpdesk1 with the permissions to create new mailbox-enabled users.
Which cmdlets should you run?
A. Get-ManagementRoleEntry and Get-ManagementRoleAssignment
B. Get-RolegroupMember and Get-ManagementRoleAssignment
C. Get-ManagementRoleEntry and Get-RoleGroup
D. Get-Rolegroup and Get-RoleGroupMember
Answer: A
Explanation:
* Use the Get-ManagementRoleEntry cmdlet to retrieve management role entries that have been configured on management roles.
* Use the Get-ManagementRoleAssignment cmdlet to retrieve management role assignments.
Q4. (Topic 6)
You plan to deploy 20 Client Access servers that will have Exchange Server 2013 installed.
You need to prepare the certificate required for the planned deployment. The solution must ensure that the same certificate can be used on all of the Client Access servers.
What should you do first?
A. On each Client Access server, start the Certificates console and run the Certificate Import Wizard.
B. From the Exchange Admin Center, create a new certificate request.
C. On all of the Client Access servers, run the Get-ExchangeCertificate cmdlet.
D. On one of the Client Access servers, run the New-ExchangeCertificate cmdlet and specify the BinaryEncoding parameter.
Answer: B
Explanation:
Configuring server certificates In Exchange 2013, you can use the Certificate Wizard to request a digital certificate from a certification authority. After you’ve requested a digital certificate, you’ll need to install it on the Client Access server.
Reference: Exchange 2013 Client Access server configuration
https://technet.microsoft.com/en-us/library/hh529912(v=exchg.150).aspx
Q5. DRAG DROP - (Topic 6)
You have an Exchange Server 2013 organization.
Your company identifies the following security requirements:
. Users must be able to send encrypted email messages that can only be decrypted by the intended recipient.
. All email messages sent by a user named User1 to an external recipient must be protected by using TLS.
. All SMTP sessions to a remote SMTP host named SMTP1 must be encrypted.
You need to recommend which technology must be used to meet each requirement.
Which technologies should you recommend? (To answer, drag the appropriate
technologies to the requirements in the answer area. Each technology may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
Q6. DRAG DROP - (Topic 6)
Your company has two offices. Each office is configured as an Active Directory site. The sites are named Site1 and Site2.
You have an Exchange Server 2013 organization that is configured as shown in the following exhibit. (Click the Exhibit button.)
Datacenter Activation Coordination (DAC) mode is enabled on the database availability group (DAG) named DAG1.
You are testing a site failover by shutting down all of the servers in Site1.
You need to mount the databases in Site2.
Which three commands should you run in sequence? (To answer, move the appropriate three commands from the list of commands to the answer area and arrange them in the correct order.)
Answer:
Q7. HOTSPOT - (Topic 1)
You need to resolve the IRM template issue.
Which user right should you modify?
To answer, select the appropriate user right in the answer area.
Answer:
Q8. (Topic 6)
You have an Exchange Server 2013 organization.
A user is involved in a possible litigation matter.
You need to protect all of the messages in a mailbox from permanent deletion.
Which cmdlet should you use?
A. Enable-InboxRule
B. Add-MailboxPermisssion
C. Set-Mailbox
D. Set-Retention Policy
Answer: C
Explanation:
This example configures April Stewart's mailbox to retain deleted items for 30 days.
Set-Mailbox -Identity - "April Stewart" -RetainDeletedItemsFor 30
Note: When a user deletes items from the Deleted Items default folder by using the Delete,
Shift+Delete, or Empty Deleted Items Folder actions, the items are moved to the
Recoverable Items\Deletions folder. The duration that deleted items remain in this folder is
based on the deleted item retention settings configured for the mailbox database or the
mailbox.
Incorrect:
Not D: The Set-Retention Policy is used in a cloud environment only.
Reference: Configure Deleted Item retention and Recoverable Items quotas
https://technet.microsoft.com/en-us/library/ee364752%28v=exchg.150%29.aspx
Q9. (Topic 6)
You have an Exchange Server 2013 organization that is integrated with Microsoft Lync Server 2013. Users report that they fail to make Unified Messaging (UM) calls.
You download the Unified Message Troubleshooting tool.
You need to perform an end-to-end test of the UM components.
Which cmdlet should you use?
A. Test-ExchangeUMCallFlow
B. Test-CsPhoneBootstrap
C. Start-UMPhoneSession
D. Test-UMConnectivity
Answer: A
Explanation:
Use the Test-ExchangeUMCallFlow cmdlet (the UM Troubleshooting Tool) to test call flow between Client Access servers running the Microsoft Exchange Unified Messaging Call Router service, Mailbox servers running the Microsoft Exchange Unified Messaging service, VoIP gateways, IP PBXs, Session Initiation Protocol (SIP) servers and Microsoft Lync Server. The Test-ExchangeUMCallFlow cmdlet can be used to diagnose configuration errors found in telephony components, Exchange 2010 SP1 or later or Exchange 2013 Unified Messaging settings, and connectivity issues between on-premises and hybrid Unified Messaging deployments.
Reference: Test-ExchangeUMCallFlow
https://technet.microsoft.com/en-us/library/ff630913%28v=exchg.150%29.aspx
Q10. (Topic 6)
You have an Exchange Server organization that contains five servers. The servers are configured as shown in the following table.
You deploy Microsoft Lync Server 2010. You need to create a Lync Server SIP Unified
Messaging (UM) dial plan to enable voice integration between Lync Server and Exchange Server.
Which three Exchange servers should you associate to the UM dial plans? (Each correct answer presents part of the solution. Choose three.)
A. Server1
B. Server2
C. Server3
D. Server4
E. Server5
Answer: A,B,E
Explanation:
A: You can enable Unified Messaging (UM) in Microsoft Exchange Server 2010. You must enable the Exchange computer running the Unified Messaging server role before the Unified Messaging server can process calls for UM-enabled Exchange 2010 recipients in your Exchange organization. However, the Unified Messaging server also must be added to a UM dial plan before it can process calls for Unified Messaging.
B, E:
* Requirements and Recommendations Client Access and Mailbox. In Microsoft Exchange Server 2013, Exchange UM runs as a service on these servers.
* Deploy the Exchange Mailbox server roles in each Exchange Unified Messaging (UM) forest where you want to enable users for Exchange UM.
Reference: Configuring Unified Messaging on Microsoft Exchange Server to Work with Lync Server 2013
Q11. (Topic 6)
Your company has two offices. The offices are located in Seattle and Paris.
You have a hybrid deployment of Exchange Server 2013.
All of the users in the Seattle office have mailboxes that are hosted on-premises. All of the users in the Paris office have mailboxes that are hosted in Microsoft Office 365. Azure Rights Management (Azure RMS) is implemented for the Paris office users.
Five of the Seattle office users occasionally receive protected messages from the Paris user. The Seattle office users report that they cannot view the protected content.
You need to recommend a solution to provide the five Seattle office users with the ability to read the protected messages. The solution must minimize costs.
What is the best recommendation to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
A. RMS for Individuals
B. Active Directory Rights Management Services (AD RMS)
C. Information Rights Management (IRM)
D. Azure RMS
Answer: D
Explanation:
You need to have an Office 365 tenant and turn on Windows Azure Rights Management. Once you have this done you need the following:
* Get your Office 365 tenant up and running
* Configure Directory Synchronization between on-premises Active Directory and Windows Azure Active Directory (the Office 365 DirSync tool)
* It is also recommended (but not required) to enable ADFS for Office 365 to avoid having to login to Windows Azure Rights Management when creating or opening protected content.
* Install the connector Etc.
Reference: http://www.c7solutions.com/2014/04/configuring-exchange-on-premises-to-use-azure-rights-management
Q12. DRAG DROP - (Topic 6)
You have an Exchange Server 2010 organization that contains two servers named EX1 and EX2. EX1 and EX2 are members of a database availability group (DAG) named DAG1.
You plan to migrate the organization to Exchange Server 2013.
You install Exchange Server 2013 on two new servers named EX3 and EX4 and you import the required certificates.
You need to recommend which migration tasks must be performed to migrate the mailboxes and the public folders. The solution must meet the following requirements:
. Prevent any interruption to mailbox and public folder access during the migration.
. Ensure that all mailbox and public folder data remains highly available during the
migration.
Which five actions should you perform in sequence before decommissioning EX1 and EX2 from the network? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Answer:
Q13. HOTSPOT - (Topic 6)
You manage an Exchange Server 2013 organization that has an organization relationship with a partner company named Contoso, LTD.
Contoso has an Exchange Server 2013 organization and has Microsoft Outlook 2013 deployed to all users.
You run the Get-OrganizationRelationship | fl and you receive the following output.
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
Q14. HOTSPOT - (Topic 6)
You have an organization that has Exchange Server 2010 and Exchange Server 2013
deployed.
Half of the mailboxes are on Exchange Server 2010 servers and the other half are on
Exchange Server 2013 servers.
You plan to implement Kerberos authentication for all mailbox access.
You need to identify which Service Principal Names (SPNs) to associate with each version of Exchange Server.
In the table below identify which SPNs to associate with each Exchange Server version.
NOTE: Make only one selection in each row.
Answer:
Q15. (Topic 6)
You have an Exchange Server 2013 organization.
You need to ensure that a user named User1 can prevent the deletion of every email message that contains a specific word from all of the mailboxes. The solution must minimize the number of permissions assigned to User1.
What should you do?
A. Add User1 to the Records Management management role group. Instruct User1 to run the New-ManagedContentSettings cmdlet.
B. Add User1 to the Records Management management role group. Instruct User1 to run the New-MailboxSearch cmdlet.
C. Add User1 to the Discovery Management management role group. Instruct User1 to run the New-ManagedContentSettings cmdlet.
D. Add User1 to the Discovery Management management role group. Instruct User1 to run the New-MailboxSearch cmdlet.
Answer: D
Explanation:
* If you want users to be able to use Microsoft Exchange Server 2013 In-Place eDiscovery, you must first authorize them by adding them to the Discovery Management role group. Members of the Discovery Management role group have Full Access mailbox permissions for the Discovery mailbox that's created by Exchange Setup.
* The New-MailboxSearch cmdlet creates an In-Place eDiscovery search or an In-Place Hold. Unless specified, mailboxes on all Exchange 2013 servers in an organization are searched. You can stop, start, modify, or remove the search.