Ensurepass

QUESTION 111

You are a network administrator for a company named Contoso, Ltd. You install the Active Directory Rights Management Services server role on a server. The Active Directory Rights Management Services (AD RMS) server uses an internal certification authority (CA) for all certificates. You plan to provide users with the ability to use AD RMS to protect all of the email messages sent to a partner company named A.Datum Corporation. A.Datum does not have AD RMS deployed. You need to identify which components from the Contoso network must be accessible to A.Datum to ensure that the users at A.Datum can open protected messages. Which two components should you identify? (Each correct answer presents part of the solution. Choose two.)

 

A.

The Active Directory domain controllers

B.

The Client Access servers

C.

The certificate revocation list (CRL)

D.

The Mailbox servers

 

Correct Answer: AC

Explanation:

A: The users in Adatum will need an account on a domain controller in Contoso to open a protected message.

C: The certificate used to secure the message will need to be checked against a certificate revocation list (CRL).

 

 

QUESTION 112

You have an Exchange Server organization. The organization contains servers that have either Exchange Server 2010 or Exchange Server 2013 installed. You hire a junior administrator named Admin5. Admin5 is a member of the Recipient Management management role group. You discover that Admin5 created two new mailbox-enabled users by using the New-Mailbox command. You need to identify which management role provides Admin5 with the permissions to create new mailbox-enabled users. Which cmdlets should you run?

 

A.

Get-ManagementRoleEntry and Get-RoleAssignmentPolicy

B.

Get-Rolegroup and Get-ManagementRoleAssignment

C.

Get-ManagementRoleEntry and Get-ManagementRoleAssignment

D.

Get-RolegroupMember and Get-ManagementRoleAssignment

 

Correct Answer: C

Explanation:

Use the Get-ManagementRoleEntry cmdlet to retrieve management role entries that have been configured on management roles.

Use the Get-ManagementRoleAssignment cmdlet to retrieve management role assignments.

 

 

QUESTION 113

You have an Exchange Server 2013 organization that contains one Client Access server named EX1 and one Mailbox server named EX2. You have a perimeter network and an internal network. The perimeter network contains an Edge Transport server named EX3 that has Exchange Server 2010 installed. You need to ensure that all of the email messages sent to and received from the Internet are routed through the EX3. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

 

A.

Allow SMTP traffic between EX3 and EX2.

B.

Create an Edge Subscription.

C.

Allow traffic over TCP 50636 from EX1 to EX3.

D.

Allow SMTP traffic between EX3 and EX1.

E.

Allow traffic over TCP 50636 from EX2 to EX3.

F.

Modify the default Receive connector on EX2.

 

Correct Answer: ABE

Explanation:

To establish Internet mail through an Edge Transport server, subscribe the Edge Transport server to an Active Directory site. This automatically creates the two Send connectors required for Internet mail flow:

 

image006A Send connector configured to send outbound email to all Internet domains.

image006[1]A Send connector configured to send inbound email from the Edge Transport server to an Exchange 2013 Mailbox server.

 

SMTP traffic and ports TCP 50636 must be allowed between the mailbox server (routing service) and the Edge server.

 

 

QUESTION 114

You are an administrator for a company named Contoso, Ltd. Contoso has an Exchange Server 2013 organization. Contoso has a partnership agreement with a company named A.Datum Corporation. A.Datum has an Exchange server 2013 organization. Both organizations have a federation trust to the Microsoft Federation Gateway. Users at Contoso plan to share their free/busy information with users at A.Datum. You need to recommend which tasks must be performed to ensure that the A.Datum users can see the free/busy information of the Contoso users. Which two actions should you recommend? (Each correct answer presents part of the solution. Choose two.)

 

A.

In the Exchange Server organization of Contoso, configure directory synchronization.

B.

In the Exchange Server organization of A.Datum, create a sharing policy.

C.

In the Exchange Server organization of A.Datum, configure directory synchronization.

D.

In the Exchange Server organization of Contoso, create an organization relationship.

E.

In the Exchange Server organization of Contoso, create a sharing policy.

F.

In the Exchange Server organization of A.Datum, create an organization relationship.

 

Correct Answer: DE

Explanation:

Business-to-business calendar sharing is set up by creating organization relationships. User-to-user calendar sharing is set up by applying sharing policies.

 

There is no requirement for Contoso users to view the free/busy information of the A.Datum users. Therefore, we don’t need to create an organization relationship in A.Datum.

 

Configure Federated Sharing

Step 1: Create and configure a federation trust (this has already been done here)

 

Step 2 (D): Create an organization relationship

An organization relationship enables users in your Exchange organization to share calendar free/busy information as part of federated sharing with other federated Exchange organizations.

 

Step 3 (E): Create a sharing policy

Sharing policies enable user-established, people-to-people sharing of both calendar and contact information with different types of external users. They support the sharing of calendar and contact information with external federated organizations, external non- federated organizations, and individuals with Internet access. If you don’t need to configure people-to-people or contact sharing (organization-level sharing only), you don’t need to configure a sharing policy.

 

Step 4: Configure an Autodiscover public DNS record

 

Note:

With federated sharing, users in your on-premises Exchange organization can share free/busy calendar information with recipients in other Exchange organizations that are also configured for federated sharing. Free/busy sharing can be enabled between two organizations running Exchange 2013 and also between organizations with a mixed Exchange deployment.

 

 

QUESTION 115

HOTSPOT

Your network contains two Active Directory sites named Site1 and Site2. Both sites contain an equal number of users. Each site contains two Exchange Server 2013 Mailbox servers.

 

You need to recommend a high-availability solution that meets the following requirements:

 

image006[2]If a single Mailbox server fails, the active mailbox database copies on that server must fail over to a Mailbox server in the same site.

image006[3]If both Mailbox servers in the same site fail, the active mailbox databases copies must be switched over to the other site manually.

image006[4]If a WAN link fails, multiple copies of the same mailbox database must not be activated in both sites simultaneously.

 

How should you configure the database availability groups (DAGs)? (To answer, configure the appropriate options in the answer area.)

 

image227

image228

 

Correct Answer:

image229

 

 

 

 

 

 

 

 

QUESTION 116

You have a database availability group (DAG). The DAG is configured as shown in the following table.

 

image230

 

You need to prevent a split-brain condition if a restore operation of the DAG occurs. What should you do?

 

A.

Deploy an alternate witness server to each site.

B.

Modify the Datacenter Activation Coordination (DAC) mode.

C.

Set the quorum model of the cluster to Node and Disk Majority.

D.

Deploy another Mailbox server to Site2.

 

Correct Answer: B

Explanation:

Datacenter Activation Coordination (DAC) mode is a property setting for a database availability group (DAG). DAC mode is disabled by default and should be enabled for all DAGs with two or more members that use continuous replication.

 

If a catastrophic failure occurs that affects the DAG (for example, a complete failure of one of the datacenters), DAC mode is used to control the startup database mount behavior of a DAG. When DAC mode isn’t enabled and a failure occurs that affects multiple servers in the DAG, and then when a majority of the DAG members are restored after the failure, the DAG will restart and attempt to mount databases. In a multi-datacenter configuration, this behavior could cause split brain syndrome, a condition that occurs when all networks fail, and DAG members can’t receive heartbeat signals from each other. Split brain syndrome can also occur when network connectivity is severed between datacenters. Split brain syndrome is prevented by always requiring a majority of the DAG members (and in the case of DAGs with an even number of members, the DAG’s witness server) to be available and interacting for the DAG to be operational. When a majority of the members are communicating, the DAG is said to have quorum.

 

 

QUESTION 117

You have a hybrid deployment of Exchange Server 2013 and Microsoft Office 365. The Exchange Server organization has a mailbox size limit of 2 GB.

 

You need to provide engineers with the ability to retain certain email messages indefinitely. The solution must meet the following requirements:

 

image006[5]Ensure that the engineers can access the retained email messages by using Outlook Web App.

image006[6]Ensure that the retained email messages do not apply to the mailbox size limit of the engineers.

image006[7]Minimize the storage requirements of the on-premises servers.

 

Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

 

A.

From Office 365, create Archive mailboxes.

B.

Instruct the engineers to create a personal folder.

C.

Create a retention policy.

D.

From the on-premises Exchange Server 2013 organization, create Archive mailboxes.

E.

Create a data loss prevention (DLP) policy.

 

Correct Answer: AC

Explanation:

C:

image231

 

A:

In Exchange Server an archive mailbox is a second mailbox provisioned for a user that is separate to their primary user mailbox.

 

 

QUESTION 118

You are an administrator for an international finance company. You plan to deploy an Exchange Server 2013 organization. The company’s compliance policy requires that all users be prevented from sending email messages that contain more than one bank account number to external recipients. You need to meet the compliance policy requirement. What should you create?

 

A.

A data loss prevention (DLP) policy and a DLP policy rule

B.

A retention policy, a retention tag, and a Policy Tip

C.

A throttling policy and a throttling policy association

D.

A transport rule and a moderated mailbox

 

Correct Answer: A

Explanation:

Sensitive Information Types in DLP Policies

 

When you create DLP policies, you can include rules that include checks for sensitive information. The conditions that you establish within a policy, such as how many times something has to be found before an action is taken or exactly what that action is can be customized within your new custom policies in order to meet your business requirements. Sensitive information rules are integrated with the transport rules framework by introduction of a condition that you can customize: If the message contains…Sensitive Information. This condition can be configured with one or more sensitive information types that are contained within the messages.

 

 

QUESTION 119

DRAG DROP

You have a server that has Exchange Server 2013 installed. You plan to deploy Unified Messaging (UM) to all users. You have two UM IP gateways named GW1 and GW2.

 

You create, and then associate a new UM dial plan for each IP gateway. The IP gateways are configured as shown in the following table.

 

image232

 

You need to recommend a solution that meets the following security requirements:

 

image006[8]All voice traffic received by GW1 must be encrypted.

image006[9]All voice traffic received by GW2 must be unencrypted.

image006[10]All signaling traffic to GW1 and GW2 must be encrypted.

 

Which security settings should you recommend configuring for each dial plan? To answer, drag the appropriate security setting to the correct UM dial plan in the answer area. Each security setting may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.

 

image233

 

Correct Answer:

image234

 

 

QUESTION 120

You are employed as an Exchange administrator at ABC.com. ABC.com has an Active Directory domain, named ABC.com. ABC.com makes use of an Exchange Server 2013 configuration in their environment. You have configured the use of Information Rights Management (IRM) in ABC.com’s environment. You have been instructed to make sure that e-mails sent by ABC.com’s users via Outlook Web App can be secured with Information Rights Management (IRM). Which of the following is the action you should take FIRST?

 

A.

You should consider creating a universal security group.

B.

You should consider creating a database availability group (DAG).

C.

You should consider creating an Active Directory group.

D.

You should consider creating a distribution group.

 

Correct Answer: D

 

Instant Access to Download Latest Complete Collection of Microsoft 70-342 Real Exam

Try Microsoft 70-342 Free Demo