Topic 1, Contoso Ltd
Overview
General Overview
Contoso, Ltd. is a national freight company in the United States. The company has 15,000 employees.
Physical Locations
Contoso has a main office in Houston and 10 branch offices that each contains 1,000 employees.
Existing Environment
Active Directory and Microsoft Exchange Server Environments
The network contains an Active Directory forest named contoso.com. The forest contains one root domain named contoso.com and 10 child domains. All domain controllers run Windows Server 2019.
The forest has Active Directory Certificate Services (AD CS) and Active Directory Federation Services (AD FS) deployed.
You have a hybrid deployment of Exchange Server 2019 and Microsoft Office 365.
There are 2,000 user mailboxes in Exchange Online.
Each office contains two domain controllers and two Mailbox servers. the main office also contains an Edge transport server.
The organization contains 100 public folders. The folders contain 80 GB of content.
All email messages sent to contoso.com are delivered to Exchange Online. All messages sent to on-premises mailboxes are routed through the Edge Transport server.
Advanced Threat Protection (ATP) is enabled and configured for the Office 365 tenant.
Network Infrastructure
Each office connects directly to the Internet by using a local connection. The offices connect to each other by using a WAN link.
Requirements
Planned Changes
Contoso plans to implement the following changes:
✑ For all new users in the on-premises organization, provide an email address that uses the value of the Last Name attribute and the first two letters of the First Name attribute as a prefix.
✑ Decommission the public folders and replace the folders with a Microsoft 265 solution that maintains web access to the content.
Technical Requirements
Contoso identifies the following technical requirements:
✑ All email messages sent from a SMTP domain named adatum.com must never be identified as spam.
✑ Any solution to replace the public folders must include the ability to collaborate with shared calendars.
Security Requirements
Contoso identifies the following security requirements:
✑ The principle of least privilege must be applied to all users and permissions.
✑ All email messages sent from an SMTP domain named com to contoso.com must be encrypted.
✑ All users must be protected from accessing unsecure websites when they click on URLs embedded in email messages.
✑ If a user attempts to send an email message to a distribution group that contains more than 15 members by using Outlook, the user must receive a warning before sending the message.
Problem statements
Recently, a user named HelpdeskUser1 erroneously created several mailboxes.
Helpdesk1user1 is a member of the Recipient Management management role group.
Users who have a mailbox in office 365 report that it takes a long time for email messages containing attachments to be delivered.
Exhibit
You need to recommend a solution for the public folders that supports the planned changes and meets the technical requirements.
What should you recommend?
- A . Microsoft SharePoint site mailboxes
- B . Office 365 groups
- C . Resource mailboxes
- D . Public folder replicas
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/collaboration/public-folders/migrate-to-office-365-groups?view=exchserver-2019
You need to resolve the email delivery delay issue.
What should you do?
- A . From the Security & Compliance admin center, modify the safe attachments policy
- B . From the Security & Compliance admin center, create a supervision policy.
- C . From the Exchange admin center in Exchange Online, modify the antimalware policy.
- D . From the Exchange admin center in Exchange Online, modify the spam filter policy.
A
Explanation:
Reference: https://docs.microsoft.com/en-us/office365/securitycompliance/dynamic-delivery-and-previewing
HOTSPOT
You need to configure the environment to support the planned changes for email addresses.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/email-addresses-and-address-books/new-emailaddresspolicy?view=exchange-ps
https://docs.microsoft.com/en-us/Exchange/email-addresses-and-address-books/email-address-policies/email-address-policies?view=exchserver-2019
HOTSPOT
Use the drop-down menus to select the answer choice that complete each statement based on the information presented in the Exchange Online Connector exhibit. NOTE: Each correct selection is worth one point.
Explanation:
SenderDomains
to the Edge Transport server encrypted
You need to configure the Exchange organization to meet the security requirements for sending email messages to distribution groups.
Which cmdlet should you run?
- A . Set-OrganizationConfig
- B . Set-DistributionGroup
- C . Set-Mailbox
- D . New-PolicyipConfig
B
Explanation:
To meet the security requirements for sending email messages to distribution groups in Exchange, you should use the Set-DistributionGroup cmdlet. This cmdlet is used to modify the properties of existing distribution groups.
You need to recommend an Office 365 solution that meets the technical requirements for email from adatum.com.
Which two components should you recommend configuring from the Exchange admin center in Exchange Online? Each correct presents a complete solution. NOTE: Each correct selection is worth one point.
- A . DKIM signatures
- B . a spam filter
- C . a malware filter
- D . data loss prevention (DLP) policies
- E . a connection filter
You must prevent HelpDeskUser1 from repeating the same mistake.
You need to identify which management role provided HelpDeskUser1 with the necessary permissions to make the mistake identified in the problem statement.
Which two cmdlets should you run? Each correct answer presents part of the solution.
- A . Get-RoleGroup
- B . Get-ManagementRoleEntry
- C . Get-RoleGroupMember
- D . Get-ManagementRoleAssignment
- E . Get-ManagementRole
BD
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/exchange/find-exchange-cmdlet-permissions?view=exchange-ps
You need to recommend a solution that meets the security requirements for protecting users.
What should you recommend?
- A . From the Security & Compliance admin center, create an ATP safe attachments policy.
- B . From the Exchange admin center in Exchange Online, create a spam filter policy.
- C . From the Security & Compliance admin center, create an ATP anti-phishing policy.
- D . From the Security & Compliance admin center, create an ATP Safe Links policy.
C
Explanation:
The ATP anti-phishing policy in the Security & Compliance admin center provides protection against phishing attempts and impersonation, which aligns with the requirement to protect users.
Topic 2, Litware, inc
Case Study
Overview
Litware, Inc. is food service supplier in Europe.
Physical Locations
Litware has a main office in Paris and branch offices in Munich, London, Brussels, Vienna, and Rome.
Each branch office has its own compliance officer.
Existing Environment
The network contains one Active Directory forest named litware.com. The forest contains a single Active Directory domain. Each office is configured as an Active Directory site.
Each branch office is represented organizational unit (OU) in an OU named Offices in Active Directory.
Each branch office has a special Administrators group that contains the delegated administrators for that office. Each Administrators group is named based on its location in a format of RegionalAdmins_Brussels, RegionalAdmins_Munich, RegionalAdmins_London, RegionalAdmins_Vienna and RegionalAdmins_Rome.
Network Infrastructure
Each office contains two domain controllers from the litware.com domain. All the domain controllers are configured as DNS servers. All client computers connect only to the DNS servers in their respective office.
All offices have a high-speed connection to the Internet. Each office connects to the Internet by using a VPN appliance.
Each office has the following servers and client computers:
✑ One reverse proxy appliance
✑ One Microsoft Exchange Server 2019 server
✑ One Windows Server Update Services (WSUS) server
✑ Computers that run Windows 10 and have Microsoft Office 2019 installed.
The office in Brussels contains an Exchange Server 2016 server that has the Unified Messaging role installed and hosted voicemail configured.
Mailboxes are hosted on all the Exchange servers. Public folders are hosted only on an
Exchange server in the main office. Litware uses a disjoint namespace to access the servers.
Each user has an archive mailbox. Archiving is configured to use the default settings.
Exchange services are published to the internet by using a reverse proxy in each office.
A full backup of Exchange is performed nightly. Incremental backups occur every six hours.
All the users in the transport department connect to network resources by using a connection in the main office.
Requirements
Planned Changes
Litware plans to implement the following changes:
✑ Implement calendar sharing to partner companies.
✑ Implement a solution that prevents malware from being delivered to end users.
✑ Use personal archives to eliminate the need for PST files.
✑ Ensure the Brussels office and move all the users in the Brussels office to the main office. All the mailboxes in the Brussels office will be moved to a server in the main office.
✑ Implement a compliance solution to ensure that items deleted from public folders are retained. If an item in a public folder is modified, the original version of the item must be available.
Technical Requirements
Litware identifies the following technical requirements:
✑ Minimize administrative effort.
✑ Use the principle of least privilege.
✑ Ensure that junk email is deleted automatically after 14 days.
✑ Ensure that sent items and deleted items are deleted automatically after 30 days.
✑ Ensure that users in the customer service department can open multiple mailboxes.
✑ Ensure that all the former Brussels office users always maintain access to hosted voicemail.
✑ Ensure that the staff in the IT department can manage the email environment without and-user involvement.
✑ Ensure that users cannot recover email messages that are deleted from the Junk Email folder and the Deleted Items.
✑ Ensure that if an email message has a spam confidence level (SCL) of 3 or higher, the message automatically moves to the Junk Email folder.
Problem statements
The transport department users report that accessing a public folder named TransportPF is sometimes very slow.
Users in the customer service department report that Microsoft Outlook sometimes hangs when many mailboxes are open.
You need to resolve the issue for the transport department users.
What is the best way to achieve the goal? More than one answer choice may achieve the goal. Select the BEST answer.
- A . Move the public folder mailbox that contains TransportPF to a server in the main office.
- B . Move TransportPF to a public folder mailbox hosted in the main office.
- C . Modify the default public folder mailbox for all the transport department users.
- D . Instruct the transport department users to add TransportPF to their Favorites list in Outlook.
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/recipients/mailbox-moves?view=exchserver-2019
You need to recommend a solution to retain the items in the public folders. The solution must support the planned changes.
What should you recommend?
- A . Create an Outlook rule that forwards all the items in each public folder to a compliance mailbox.
- B . Place an In-Place Hold on all the mailboxes of the public folders.
- C . Increase the frequency of the backups.
- D . Modify the public folder permissions.
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/security-and-compliance/in-place-and-litigation-holds#placingpublic-folders-on-hold
You need to recommend a procedure for closing the Brussels office that meets the technical requirements.
What should you recommend?
- A . In the main office, deploy an Exchange Server 2016 server that has the Unified Messaging role installed, and then move the mailboxes from the Brussels office to the new server.
- B . Deploy a Microsoft Skype for Business 2019 server to the main office, and then move the mailboxes from the Brussels office to an Exchange Server 2019 server in the main office.
- C . Implement a new mailbox database on an Exchange Server 2019 server in the main office, and then move the mailboxes from the Brussels office to the new mailbox database.
- D . Implement a new database availability group (DAG) that contains the server in the Brussels office and a new Exchange Server 2019 server in the main office, and then create a mailbox database copy on the new server in the main office.
C
Explanation:
Reference:
https://docs.microsoft.com/en-us/exchange/architecture/mailbox-servers/manage-mailbox-moves?view=exchserver-2019
https://theitbros.com/move-exchange-mailboxes-to-another-database/
HOTSPOT
You need to implement a solution to meet the technical requirements for the SCL.
How should you complete the command? To answer, select the appropriate options in the answer area.
You need to configure the required objects for the branch office administrators.
What should you create for each administrator?
- A . a management role assignment policy and a management role group
- B . a management role scope and a management role assignment
- C . a management role scope and a management role group
- D . a management role and a management role assignment policy
B
Explanation:
Management role scopes define the specific scope of objects that administrators can manage. The management role assignment then links a role (which defines what can be done) to a role scope (which defines where it can be done). This combination ensures that the branch office administrators have the appropriate permissions for their specific locations.
HOTSPOT
You need to implement a solution that meets the technical requirements for the retention of junk email, sent items, and deleted items.
What is the minimum number of retention policies and retention tags you should use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to implement a solution to support the planned changes for the helpdesk users.
What should you do?
- A . Assign the Recipient Policies role to the helpdesk users and a default management scope
- B . Assign the Mail Recipients role to the helpdesk users and use a default management scope
- C . Assign the Mail Recipients role to the helpdesk users and create a custom management scope
- D . Assign the Recipient Policies roles to the helpdesk users and create a custom management scope
You need to resolve the issue for the customer service department users.
What should you modify?
- A . a transport rule
- B . the Send connector to the Internet
- C . the tarpit interval
- D . the global throttling policy
HOTSPOT
Your company named Contoso, Ltd. has a Microsoft Exchange Server 2019 organization that contains the mailbox databases shown in the following table.
You need to assign an offline address book (OAB) named Managers to all the users in a group named Managers.
How should you complete the PowerShell script? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to implement a solution to support the planned changes for the branch office administrators.
What should you do?
- A . Assign the Mail Recipients role to the branch office administrators and use a default management scope.
- B . Assign the Mail Recipients role to the branch office administrators and create a custom management scope.
- C . Assign the Recipient Policies role to the branch office administrators and use a default management scope.
- D . Assign the Recipient Policies role to the branch office administrators and create a custom management scope.
B
Explanation:
Ensure that the branch office administrators can configure the properties of the mailboxes in their respective offices only.
Reference: https://docs.microsoft.com/en-us/exchange/mail-recipients-role-exchange-2013-help
Topic 3, Fabrikam, Inc
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Fabrikam, Inc. is a consulting company that has a main office in Montreal.
Fabrikam has a partnership with a company named Litware, Inc.
Existing Environment
Network Environment
The on-premises network of Fabrikam contains an Active Directory domain named fabrikam.com.
Fabrikam has a Microsoft 365 tenant named fabrikam.com. All users have Microsoft 365 Enterprise E5 licenses.
User accounts sync between Active Directory Domain Services (AD DS) and the Microsoft 365 tenant.
Fabrikam.com contains the users and devices shown in the following table.
Fabrikam currently leases mobile devices from several mobile operators.
Microsoft Exchange Online Environment
All users are assigned an Outlook Web App policy named FilesPolicy.
In-Place Archiving is disabled for Exchange Online.
You have the users shown in the following table.
User1 and User3 use Microsoft Outlook for iOS and Android to access email from their mobile device. User2 uses a native Android email app.
A Safe Links policy in Microsoft Defender for Office 365 is applied to the fabrikam.com tenant. The marketing department uses a mail-enabled public folder named FabrikamProject.
Default MRM Policy is disabled for the fabrikam.com tenant.
Problem Statements
Fabrikam identifies the following issues:
✑ Users report that they receive phishing emails containing embedded links.
✑ Users download and save ASPX files when they use Outlook on the web.
✑ Email between Fabrikam and Litware is unencrypted during transit.
✑ User2 reports that he lost his mobile device.
Requirements
Planned Changes
Fabrikam plans to implement the following changes:
✑ Configure FilesPolicy to prevent Outlook on the web users from downloading attachments that have the ASPX extension.
✑ Purchase a new smartboard and configure the smartboard as a booking resource in Exchange Online.
✑ Ensure that the new smartboard can only be booked for a maximum of one hour.
✑ Allow only Admin1 to accept or deny booking requests for the new smartboard.
✑ Standardize mobile device costs by moving to a single mobile device operator.
✑ Migrate the FabrikamProject public folder to Microsoft SharePoint Online.
✑ Enable In-Place Archiving for users in the marketing department.
✑ Encrypt all email between Fabrikam and Litware.
Technical Requirements
Fabrikam identifies the following technical requirements:
✑ Ensure that the planned Sharepoint site for FabrikamProject only contains content that was created during the last 12 months.
✑ Any existing file types that are currently configured as blocked or allowed in the FilesPolicy policy must remain intact.
✑ When users leave the company, remove their licenses and ensure that their mailbox is accessible to Admin1 and Admin2.
✑ Generate a report that identifies mobile devices and the mobile device operator of each device.
✑ Use the principle of least privilege.
✑ Minimize administrative effort.
Retention requirements
Fabrikam identifies the following retention requirements for all users:
✑ Enable users to tag items for deletion after one year.
✑ Enable users to tag items for deletion after two years.
✑ Enable users to tag items to be archived after one year.
✑ Automatically delete items in the Junk Email folder after 30 days.
✑ Automatically delete items in the Sent Items folder after 300 days.
✑ Ensure that any items without a retention tag are moved to the Archive mailbox two years after they were created and permanently deleted seven years after they were created.
HOTSPOT
You need to modify FilesPolicy to prevent users from downloading ASPX files. The solution must meet the technical requirements.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/set-owamailboxpolicy?view=exchange-ps
HOTSPOT
You need to configure the new smartboard to support the planned changes.
Which three settings should you configure? To answer, select the appropriate settings in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/recipients-in-exchange-online/manage-resource-mailboxes
You need to generate a report for the mobile devices that meets the technical requirements.
Which PowerShell cmdlet should you use?
- A . Get-DevicePolicy
- B . Get-MobileDevice
- C . Get-MobileDeviceStatistics
- D . Get-DeviceTenantPolicy
B
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/get-mobiledevice?view=exchange-ps
You need to identify which users clicked the links in the phishing emails.
What should you do?
- A . Run a message trace and review the results.
- B . Query the mailbox audit log.
- C . Use the URL trace reporting feature.
- D . Review the quarantine mailbox.
C
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/get-maildetailatpreport?view=exchange-ps
HOTSPOT
You need to perform a remote wipe of the devices of User2 and User3.
You run the following commands.
Clear-MobileDevice -id User2-Device
-NotificationEmailAddress "admin@Fabrikam.com"
Clear-MobileDevice -id User3-Device
-NotificationEmailAddress "admin@Fabrikam.com"
What occurs on each device? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
User3 leaves the company.
You need to ensure that Admin1 and Admin2 can access the mailbox of User3. The solution must meet the technical requirements.
What should you do?
- A . Migrate the mailbox of User3 to a distribution group.
- B . Migrate the mailbox of User3 to a Microsoft 365 group.
- C . Convert the mailbox of User3 into a resource mailbox.
- D . Convert the mailbox of User3 into a shared mailbox.
D
Explanation:
Fabrikam identifies the following technical requirements:
✑ When users leave the company, remove their licenses and ensure that their mailbox is accessible to Admin1 and Admin2.
If you remove the license from User3, the mailbox will be deleted after 30 days. Converting the mailbox to a shared mailbox will ensure that the mailbox is not deleted. You would still need to give Admin1 and Admin2 permissions to access the mailbox.
Reference: https://docs.microsoft.com/en-us/microsoft-365/admin/email/convert-user-mailbox-to-shared-mailbox?view=o365-worldwide
You need to identify the contents of the FabrikamProject public folder to meet the technical requirements.
Which PowerShell cmdlet should you run?
- A . Get-PublicFolderScaciscics
- B . Get-PublicFolderltemStatistics
- C . Get-PublicFolderMailboxDiagnoscics
- D . Get-PublicFolder
B
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/get-publicfolderitemstatistics?view=exchange-ps
HOTSPOT
You need to ensure that In-Place Archiving is enabled for the marketing department users.
Which user should perform the change, and which tool should the user use? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
You need to encrypt email between Fabrikam and Litware to support the planned changes.
What should you configure in the Exchange admin center?
- A . a connector
- B . an organization relationship
- C . a sharing policy
- D . a remote domain
A
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-
mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner
HOTSPOT
How many default policy tags (DPTs), retention policy tags (RPTs), and personal tags should you create to meet the retention requirements? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Topic 4, ADatum Corporation
Case study
This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.
To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.
At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.
To start the case study
To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.
Overview
Company Information
ADatum Corporation is a consulting company that has a main office in Montreal.
ADatum has a Microsoft 365 E5 tenant named adatum.com and uses Microsoft Exchange Online for messaging services.
Existing Environment
Mailboxes
Public Folder Mailboxes
Rules
Connectors
Safe Attachments Policies
Groups
Group Membership
Contacts
Allan Deyoung Role Assignments and Mailbox Details
Organization Sharing
Roles
Outlook Web App Policies
Mobile Device Mailbox Policies
Allan Deyoung must perform a message trace of the email messages sent by Isaiah Langer and provide a report that contains all the messages sent during the last 30 days.
You need to ensure that Allan Deyoung can perform the message trace.
What should you do?
- A . Add Allan Deyoung to the Organization Management role group
- B . Add Allan Deyoung to the Security Administrator role group
- C . For Allan Deyoung. set ElcProcessingDisabled to true
- D . For Isaiah Langer. set ElcProcessingDisabled to true
A
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/permissions-exo/feature-permissions
You need to ensure that Allan Deyoung can create a new public folder for the sales department.
Which two actions should you perform first? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Add Allan Deyoung to the Organization Management role group
- B . Create a new public folder mailbox
- C . Add Allan Deyoung to the Recipient Management role group
- D . Create a new shared mailbox
- E . Modify Sales Policy
AB
Explanation:
The Organization Management role group in Exchange provides permissions to perform multiple administrative tasks including the ability to create public folders. Additionally, before creating a new public folder, a public folder mailbox is required to store the folder’s hierarchy and content.
Joni Sherman reports that the Microsoft Outlook client on her Windows 10 device fails to start.
You need to troubleshoot the issue.
From the device, you start the Microsoft Remote Connectivity Analyzer.
What should you run next?
- A . the Exchange ActiveSync test
- B . the Outlook Connectivity test
- C . the Service Account Access test
- D . the Microsoft Support and Recovery Assistant for Office 365 client
D
Explanation:
Reference: https://www.sherweb.com/blog/office-365/microsoft-support-and-recovery-assistant/
You need to email a list of configuration changes to the Exchange Online environment that were recently performed by Allan Deyoung.
What should you do?
- A . Run the admin audit log report
- B . Run the external admin audit log report
- C . Export the admin audit log
- D . Run an administrator role group report
- E . Export the mailbox audit logs
C
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/security-and-compliance/exchange-auditing-reports/exchange-auditing-reports
HOTSPOT
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
Box 1: Yes
The Safe Attachments 1 policy applies to Group1. Alex Wilber is in Group1.
Box 2: No
Megan Bowen is in Group2. The Safe Attachments 2 policy applies to Group2. The Safe Attachments 2 policy will block the email rather then remove the attachment and deliver the email.
Box 3: No
Lynne Robbins is in the Sales department which means she is a member of Group3. She is also a member of Group2 and Group4.
The Safe Attachments 2 policy blocks emails and applies to Group2. There are no other Safe Attachments policies that apply to Group3 or Group4. Therefore, Safe Attachments 2 is the only policy that applies to Lynne Robbins so you do not need to increase the priority of the policy to block the emails.
Which contacts can sign in to and access resources in the adatum.com tenant?
- A . Contact1 only
- B . Contact2 only
- C . Contact1 and Contact3 only
- D . Contact2 and Contact3 only
- E . Contact1, Contact2. and Contact3
Lynne Robbins and the users in the sales department plan to collaborate on a project with a partner company named Contoso, Ltd. that has an email domain named contoso.com.
You need to ensure that only the sales department users can share all their calendar free/busy information with the users in contoso.com.
How should you configure the organization relationship?
- A . Select Calendar free/busy information with time only and enter Group1
- B . Select Calendar free/busy information with time, subject, and location and enter Groups
- C . Select Calendar free/busy information with time, subject, and location and enter Group3
- D . Select Calendar free/busy information with time only and enter Group3
- E . Select Calendar free/busy information with time only and enter Group2
C
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/sharing/organization-relationships/create-an-organization-relationship
You need to ensure that Alex Wilber can recover deleted items when using Outlook on the web.
Which two actions should you perform? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A . Assign Sales Policy to Alex Wilbur.
- B . Modify Marketing Policy.
- C . Remove Alex Wilbur from all groups.
- D . Assign Policy2 to Alex Wilbur.
- E . Modify Policy1
You discover that email messages sent to contoso.com are NOT delivered through Contoso Connector.
You need to ensure that all email sent to contoso.com is delivered through Contoso Connector.
Which connector setting should you modify?
- A . Routing
- B . Security restrictions
- C . Use of connector
- D . Status
C
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner
HOTSPOT
You need to migrate 10 Microsoft Outlook.com users to the adatum.com tenant.
Which type of migration should you perform, and which items can be migrated? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Topic 5, Misc. Questions
DRAG DROP
You have a Microsoft Exchange Server 2019 hybrid deployment.
All Mailbox servers and domain controllers are in the same site.
You deploy an Edge Transport server.
You need to ensure that all SMTP traffic between the on-premises organization and Exchange Online is routed through the Edge Transport server.
Which four actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
New-EdgeSubscription -FileName "c:EdgeServerSubscription.xml" This example creates the Edge Subscription file. It should be run on your Edge Transport server. New-EdgeSubscription -FileData ([byte[]]$(Get-Content -Path "C:EdgeServerSubscription.xml" – Encoding Byte -ReadCount 0)) -Site "Default-First-Site-Name" This example also imports the Edge Subscription file generated in Example 1 to the Active Directory site Default-First-Site-Name; however, the end result is accomplished using one command. You must run this command on the Mailbox server.
ref. https://docs.microsoft.com/en-us/powershell/module/exchange/mail-flow/new-edgesubscription?view=exchange-ps
Your company has an Exchange Server 2019 organization that has servers deployed in two Active Directory forests named adatum.com and contoso.com The organization contains five Mailbox servers and two Edge Transport servers. You deploy Microsoft 365 and configure Exchange Online. You plan to configure hybrid mail transport.
You need to identify the number of third-party CA certificates that must be used in the deployment.
What is the minimum number of certificates?
- A . 1
- B . 2
- C . 4
- D . 5
You have a Microsoft Exchange Server 2019 organization.
Users access their email by using Microsoft Outlook 2019.
The users report that when a mailbox is provisioned for a new user, there is a delay of many hours before the new user appears in the global address list (GAL). From Outlook on the web, the users can see the new user in the GAL immediately.
You need to reduce the amount of time it takes for new users to appear in the GAL in Outlook 2019.
What should you do?
- A . Modify the default email address policy.
- B . Create as address book policy (ABP).
- C . Create a scheduled task that runs the Update-GlobalAddressList cmdlet.
- D . Modify the offline address (OAB) schedule.
D
Explanation:
Reference: https://www.howto-outlook.com/howto/oabupdate.htm#syncschedules
You have a Microsoft 365 environment that contains 1,000 mailboxes.
You need to ensure that only an administrator named Admin1 can use the Exchange Management Shell to manage
What should you do?
- A . Create a conditional access policy and apply the policy to all users.
- B . For all users, run the set-user cmdlet and specify the -RemotePowershellEnabled parameter.
- C . Create a conditional access policy and apply the policy to Admin1.
- D . For Admin1, run the set-user cmdlet and specify the -RemotePowerShellEnabled parameter.
You have a Microsoft Exchange Online tenant that has Office 365 Advanced Threat Protection (ATP) enabled.
The tenant contains a user named Ben Smith who has a UPN of ben.smith@fabrikam.com. Ben Smith is protected by using an ATP anti-phishing policy.
Ben Smith reports that emails sent from his personal account of ben.smith@relecloud.com are not delivered to his work email account.
You need to ensure that personal emails are delivered to the ben.smith@fabrikam.com.
What should you do?
- A . Create a transport rule to assign the MS-Exchange-Organization-PhishThresholdLevel header a value of 2 for the message received from ben.smith@relecloud.com
- B . Add ben.smith@fabrikam.com as a trusted sender to the ATP anti-phishing policy.
- C . Add ben.smith@relecloud.com as a trusted sender to the ATP anti phishing.
- D . Add relecloud.com to the ATP anti-phishing list of misted domains.
C
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-atp-anti-phishing-policies?view=o365-worldwide
You have a Microsoft Exchange Server 2019 organization.
You run the following commands.
New-Management-Scope CName "VIP Mailboxes" CRecipientRoot "Contoso.com/ Executives"
CRecipientRestrictionFilter (RecepientType Ceq "UserMailbox")
New-ManagementRoleAssignment CSecurityGroup "VIP Admins" CRole "Mail Recipients"
CCustomRecipientWriteScope "VIP Mailboxes"
You have a user named Admin1.
You need to ensure that Admin1 can manage the mailboxes of users in the Executives organizational unit (OU) only.
What should you do?
- A . Modify the membership of VIP Admins.
- B . Create a custom role group.
- C . Add Admin1 to the Recipient Management management role group.
- D . Move Admin1 to the Executives OU.
A
Explanation:
Reference: https://social.technet.microsoft.com/Forums/exchange/en-US/b316a841-c39d-483a-ac8e-64d5904c42e6/howto-
limit-recipient-management-rights-to-users-in-a-ou-in-exchange-2010-sp1?forum=exchangesvradminlegacy
You have a Microsoft Exchange Server 2019 organization.
You need to ensure that a user named User1 can prevent mailbox content from being deleted if the content contains the words Fabrikam and Confidential.
What should you do?
- A . Add User1 to the Organization Management management role group.
- B . Add User1 to the Records Management management role group.
- C . Assign the mailbox Search and Mailbox Import Export
- D . Assign the Mailbox Search and Legal Hold management roles to User1.
D
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/policy-and-compliance/holds/holds?view=exchserver-
2019
HOTSPOT
Your company has a Microsoft Exchange Server 2019 hybrid deployment.
The company has four departments that have the mailboxes shown in the following table.
The mailboxes are configured as shown in the following table.
You have two administrators named Admin1 and Admin2 that are assigned the permissions shown in the following table.
For each of the following statement, select yes if the statement is true. otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
Reference:
https://docs.microsoft.com/en-us/exchange/discovery-management-exchange-2013-help
https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/search-mailbox?view=exchange-ps
You have an Exchange Online tenant that contains several hundred mailboxes.
Several users report that email messages from an SMTP domain named @fabrikam.com often fail to be delivered to their mailbox.
You need to increase the likelihood that the email messages from the @fabrikam.com are delivered successfully to the users in the tenant.
- A . From the Security & Compliance admin center, modify the anti-spam policy settings.
- B . From the Security & Compliance admin center, modify the DKIM settings.
- C . From your public DNS zones, create a Sender Policy Framework (SPF) TXT record.
- D . From the Security & Compliance admin center, create a new ATP anti-phishing policy.
DRAG DROP
Your company has a Microsoft Exchange Server 2019 hybrid deployment.
The company has two departments that have the mailboxes configured as shown in the following table.
All the accounting department mailboxes reside in a database named ACCT-DB01.
You create the mailboxes shown in the following table.
You need to record all the email communication of the users in each department. The solution must minimize costs.
What should you use for each department? To answer, drag the appropriate options to the correct departments. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft Exchange Online tenant.
You recently hired two new administrators named Admin5 and Admin6.
You need to grant the following permissions to the new administrators:
• Admin5 must be able to assign licenses to users.
• Admin6 must be able to modify the email SPAM settings of all users.
• Admin5 must be able to configure the email forwarding settings of all users.
• Admin5 and Admin6 must be able to manage the mailbox permissions of all users.
The solution must use the principle of least privilege.
Which role should you assign to each user? To answer, select the appropriate options NOTE: Each correct selection is worth one point.
HOTSPOT
Your company named Contoso, Ltd. has a Microsoft Exchange Online subscription that uses a domain named contoso.com.
Contoso works with a partner company named A.Datum Corporation. A.Datum has an Exchange Server 2016 organization that uses a domain named adatum.com.
You need to ensure that users at Contoso can share their free/busy information with the users at A.Datum.
What should you do for each company? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/sharing/organization-relationships/organization-relationships
You manage an Exchange Online tenant.
You plan to migrate on-premises Microsoft Exchange Server mailboxes by using a cutover migration. You need to grant the required permissions to the migration administrator account to complete the migration. The solution must use the principle of least privilege.
Which three permissions should you grant? Each correct answer presents a complete solution NOTE: Each correct selection is worth one point.
- A . the FullAccess permission on each on-premises mailbox and the WriteProperty permission to modify the TargetAddress property of the on-premises user account
- B . the Receive As permission on the on-premises mailbox database that stores the user mailboxes and the WriteProperty permission to modify the TargetAddress property of the on-premises user account
- C . Domain Admins group member in Active Directory Domain Services (AD DS) of the on-premises Exchange organization
- D . the FullAccess permission on each on-premises mailbox
- E . the Receive As permission on the on-premises mailbox database that stores the user mailboxes
Your company has a Microsoft Exchange Server 2019 hybrid deployment.
You are migrating mailboxes to Exchange Online by using remote mailbox move requests.
A recent security breach at the company required that the passwords of all privileged accounts be changed.
Since the password change, mailbox move requests are failing.
You need to ensure that the mailbox migration can resume.
What should you do first?
- A . From Exchange on-premises, run Set-MigrationEndpoint.
- B . From Exchange on-premises, run Set-MigrationConfig.
- C . From Exchange Online, run Set-MigrationConfig.
- D . From Exchange Online, run Set-MigrationEndpoint.
- E . Run iisreset /noforce on all the Exchange servers that have MRSProxy enabled.
D
Explanation:
When mailbox move requests are failing after a change in privileged accounts’ passwords in a hybrid scenario, the most probable cause is the changed credentials for the Migration Endpoint in Exchange Online.
To resolve the issue, you should update the credentials used by the Migration Endpoint in Exchange Online.
You have a Microsoft Exchange Server 2016 hybrid deployment.
You plan to migrate mailboxes from the on-premises Exchange organization to Exchange Online.
You have the appropriate permissions to perform the mailbox migrations.
You need to prepare the environment for the planned migration.
What should you do?
- A . Disable Microsoft Outlook for the web.
- B . Install the Hybrid Agent.
- C . Run Get-MigrationBatch -Identity "MyMigrationBatch".
- D . Enable the MRSProxy service on an on-premises Exchange server.
D
Explanation:
Mailbox replication service (MRS) proxy is used for cross forest mailbox move and remote move migration between on premise exchange and exchange online (Office 365)
Reference: https://docs.microsoft.com/en-us/Exchange/hybrid-deployment/move-mailboxes
DRAG DROP
You have a Microsoft Exchange Online tenant.
You need to import PST files from a legacy archiving solution to Exchange Online. You will import the PST files over the internet.
Which five actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/use-network-upload-to-import-pst-files?view=o365-worldwide
You manage a Microsoft Exchange Server 2019 hybrid deployment. All user mailboxes are located both on-premises and in the cloud.
You need to configure the deployment so that the on-premises mailboxes can access the public folders.
Which three commands should you run? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . Sync-MailPublicFolders.ps1
- B . Set-OrganizationConfig CPublicFoldersEnabled Remote
- C . Import-PublicFolderMailboxes.ps1
- D . Sync-MailPublicFoldersCloudToOnprem.ps1
- E . Set-OrganizationConfig CPublicFoldersEnabled Local CRemotePublicFolderMailboxes PFMailbox1
ABE
Explanation:
To enable on-premises mailboxes to access cloud public folders in a Microsoft Exchange Server 2019 hybrid deployment, you would need to:
Synchronize the mail-enabled public folders from on-premises to Exchange Online using the Sync-MailPublicFolders.ps1 script.
Set the PublicFoldersEnabled parameter to "Remote" on the on-premises organization to indicate that public folders are hosted in the cloud.
Specify which cloud mailbox (or mailboxes) hold the hierarchy for public folders.
HOTSPOT
You have a Microsoft Exchange Server 2019 hybrid deployment.
You run the Get-HybridConfiguration cmdlet and receive the output shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/federation-and-hybrid/set-hybridconfiguration?view=exchange-ps
You have a Microsoft Exchange Server 2019 hybrid deployment.
You need to change the free/busy data access sharing level between the on-premises organization and Exchange Online.
What should you do?
- A . Run the Hybrid Configuration wizard.
- B . Modify the organization relationship.
- C . Create an organization sharing policy.
- D . Create an individual sharing policy.
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/shared-free-busy
You have a Microsoft Exchange Server 2019 organization.
You purchase a Microsoft Office 365 E5 subscription.
You plan to implement Exchange Modern Hybrid and free/busy sharing.
Which two components should you configure for the planned implementations? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . a sharing policy
- B . a federation trust
- C . a relying party trust
- D . Active Directory Lightweight Directory Services (AD LDS)
- E . an organization relationship
BE
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/shared-free-busy
You have a Microsoft Exchange Online tenant.
All users are assigned only an Office 365 Enterprise E3 license.
You need to ensure that the users can use only Microsoft Outlook to connect to their Microsoft 365 mailbox when they connect from an Android device.
What should you create?
- A . an Outlook Web App policy in Exchange Online
- B . a connection filter policy in Exchange Online Protection (EOP)
- C . an Exchange ActiveSync device access rule
- D . an app protection policy in Microsoft Endpoint Manager
You have a Microsoft Exchange Server 2019 organization.
A compliance manager plans to create retention policies for the mailboxes of executive users. The policies will move specific emails to an archive mailbox.
You need to create an archive mailbox for each executive user.
What should you do?
- A . Run the New-Mailbox cmdlet-
- B . Enable mailbox journaling.
- C . Enable In-Place Archiving for each mailbox.
- D . Run the set-Mailbox cmdlet.
C
Explanation:
https://docs.microsoft.com/en-us/exchange/policy-and-compliance/in-place-archiving/in-place-archiving?view=exchserver-2019
DRAG DROP
You have a Microsoft Exchange Online tenant.
You enable hierarchical address books (HABs).
You create a new distribution group named Contoso.
You need to configure the Contoso group as the root of the hierarchy. The members of the group must appear in the hierarchy.
How should you complete the PowerShell commands?
Explanation:
Set-OrganizationConfig
Set-Group
https://docs.microsoft.com/en-us/exchange/address-books/hierarchical-address-books/enable-or-disable-hierarchical-address-books
HOTSPOT
You have a Microsoft Exchange Online subscription.
You run the following command.
Set-ActiveSyncOrganizationSettings CDefaultAccessLevel Block
You run Get-ActiveSyncDeviceAccessRule | f1 Identity, AccessLevel, Characteristic, QueryString and you receive the following output.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
You manage a hybrid deployment between Microsoft Exchange Online and on-premises Exchange Server 2019. The deployment contains a primary SMTP domain named contoso.com.
Users have email addresses that use a syntax of firstname.lastname@contoso.com.
A user named Ben Smith receives a new client computer. You configure the computer1 to access Ben Smith’s mailbox. Ben Smith reports that he cannot connect to his mailbox from the new computer. You verify that other users can connect successfully to their mailbox and that new users can discover their mailboxes by using Autodiscover.
You need to ensure that Ben Smith can connect to his mailbox from the new computer.
What should you do?
- A . Modify the primarySmtpAddress property for the mailbox of Ben Smith.
- B . Modify the email address of Ben Smith to use a syntax of firstname.lastname@contoso.onmicrosoft.com
- C . Modify the RemoteRoutingAddress parameter for the mailbox of Ben Smith.
- D . Modify the email address of Ben Smith to use a syntax of lastname.firstname@contoso.com
You have 1,000 user accounts that are each licensed for Microsoft 365. Each user account has a Microsoft Exchange Online mailbox.
Ten of the user accounts are configured as service accounts for applications. The applications send event notifications to the mailboxes of the service accounts by using SMTP. The developers of each application have delegated access to the mailbox of their respective application. The solution must minimize licensing costs.
What should you do?
- A . Replace the service account mailboxes with a Microsoft 365 group
- B . Convert the service account mailboxes into mail-enabled contacts
- C . Replace the service account mailboxes with a single user mailbox
- D . Replace the service account mailboxes with a single user mailbox that contains a folder for each application.
Your network contains an Active Directory domain named corp.contoso.com. The domain contains client computers that have Microsoft Office 36S Apps installed. You have a hybrid deployment that contains a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 server
named Server1. All recipients use an email address suffix of Contoso.com.
You migrate all the Exchange Server recipients to Exchange Online, and then decommission Server1. Users connected to the internal network report that they receive an Autodiscover error when they open Microsoft Outlook.
You need to ensure that all users can connect successfully to their mailbox by using Outlook.
Which two actions should you perform? Each correct answer presents a complete solution. NOTE: Each correct selection is worth one point.
- A . From the corp.contoso.com DNS zone, modify the Autodiscover host (A) record.
- B . Add an accepted domain.
- C . From the contoso.com DNS zone, modify the Autodiscover alias (CNAME) record
- D . Modify the name of the TLS certificate.
- E . From the domain, modify the Autodiscover service connection point (SCP).
All the users in your company have Microsoft 365 mailboxes.
Each user connects to Microsoft Exchange Online and OneDrive for Business from a personal computer that runs Windows 10.
You need to ensure that the users can save attachments to OneDrive for Business only when they connect to their mailbox from Outlook on the web.
What should you create?
- A . an app protection policy in Microsoft Endpoint Manager
- B . a device compliance policy in Microsoft Endpoint Manager
- C . an Outlook Web App policy in Exchange Online
- D . an Exchange ActiveSync device access rule
C
Explanation:
https://www.pelegit.co.il/prevent-downloading-attachments-through-owa/
You have a Microsoft Exchange Server 2019 organization named contoso.com and an Exchange Online tenant.
You plan to implement a hybrid deployment.
You have the certificates shown in the following table.
You need to identify which certificates can be assigned in the Microsoft Office 365 Exchange Hybrid Configuration wizard.
Which certificates should you identify?
- A . Cert4 and Cert5 only
- B . Cert2 and Cert3 only
- C . Cert1 only
- D . Cert3 and Cert5 only
- E . Cert2 and Cert4 only
- F . Cert2, Cert3, Cert4, and Cert5 only
D
Explanation:
For the hybrid deployment with the Exchange Hybrid Configuration wizard, the best practice is to use certificates that are issued by a public certification authority (CA). Additionally, the certificates should have the required subject names for the hybrid deployment, typically including the domain and autodiscover subdomain.
Based on the table:
Cert1 is self-signed, so it’s not ideal for a hybrid setup.
Cert2 is from an internal CA and uses a wildcard (*), which can technically work but isn’t recommended for hybrid deployments.
Cert3 is from an internal CA and has both contoso.com and autodiscover.contoso.com, which are required names.
Cert4 is from a public CA with a wildcard (*), and while wildcards from a public CA can be used, they’re not best practice for hybrid deployments.
Cert5 is from a public CA and has both contoso.com and autodiscover.contoso.com, which are the required names.
You have a Microsoft Exchange Online tenant that contains 1,000 user mailboxes and 10 main enabled users. The mail-enabled users have email addresses in two SMTP domains named fabrikam.com and contoso.com.
You need to convert the mail-enabled users into user mailboxes.
What should you do first?
- A . Add the users to an Office 365 group.
- B . Assign a license to each user.
- C . Remove the remote domains of fabrikam.com and contoso.com
- D . Modify the email forwarding settings of each user.
B
Explanation:
To convert mail-enabled users to user mailboxes in Exchange Online, you need to ensure that the users have the necessary licenses assigned to them for the mailbox feature.
DRAG DROP
You have a Microsoft Exchange Server 2019 hybrid deployment that contains the users shown in the following table.
You need to provide each user with an archive mailbox that is stored in Exchange Online.
Which admin center should you use to perform the configuration for each user? To answer, drag the appropriate admin centers to the correct users. Each admin center may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
You have two mailboxes named Mailbox1 and Mailbox2 that have the ProhibitSendReceiveQuota parameter set to 50 GB.
From a Microsoft Exchange Online tenant, you run the following PowerShell command.
You receive the license status of each mailbox and discover the configurations shown in the following table.
You need to increase the quota for Mailbox1 and Mailbox2.
What should you do first?
- A . Assign a license to each mailbox.
- B . Convert each mailbox into an equipment mailbox.
- C . Enable an archive for each mailbox.
- D . Place both mailboxes on retention hold.
A
Explanation:
Shared and resource mailboxes don’t require a license. However, without a license, these mailboxes are limited to 50 GB. To increase the mailbox size, an E3 or E5 license must be assigned. This will increase the mailbox to 100 GB.
Reference: https://docs.microsoft.com/en-us/office365/servicedescriptions/exchange-online-service-
description/exchange-online-limits
You have a Microsoft 365 subscription.
Several users report today that they cannot access email from their mobile device. They successfully accessed their email from the same device yesterday.
You need to identify which mobile device access rule applies to the devices.
Which cmdlet should you run?
- A . Get-MsolDevice
- B . Get-DeviceTenantRule
- C . Get-MobileDevice
- D . Get- ActiveSyncMailboxPolicy
C
Explanation:
The Get-MobileDevice cmdlet returns identification, configuration, and status information for each mobile device.
Note: The Get-MobileDeviceStatistics cmdlet can also be used.
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/devices/get-mobiledevice?view=exchange-ps
HOTSPOT
You have a Microsoft Exchange Server 2019 organization.
You have the Address Book Policies (ABP) and address lists in the following table.
You have the users in the following table.
You assign ABP1 to User1 and User2.
User3 is NOT assigned to an Address Book Policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/address-book-policies/address-book-policies?view=exchserver-2019
HOTSPOT
Your company named ADatum Corporation has a Microsoft Exchange Online subscription that contains the sharing policies shown in the following table.
The subscription contains the mailboxes shown in the following table.
ADatum does business with the partner companies shown in the following table.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
HOTSPOT
You have a Microsoft Exchange Server 2019 hybrid deployment.
You have the on-premises mailboxes shown in the following table.
You add the mailbox permissions shown in the following table.
You plan to migrate the mailboxes to Exchange Online by using remote mailbox move requests.
The mailboxes will be migrated according to the schedule shown in the following table.
Mailboxes migrated the same week will have their mailbox move requests included in the same batch and will be cut over simultaneously.
For each of the following statements, select Yes if the statement is true. Otherwise, select No. NOTE: Each correct selection is worth one point.
Explanation:
Reference:
https://docs.microsoft.com/en-us/exchange/exchange-hybrid
https://practical365.com/exchange-online/configuring-exchange-hybrid-cross-forest-permissions/
HOTSPOT
You create a transport rule as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You have a Microsoft Exchange Online subscription.
You need to generate a CSV file containing all the email messages that failed to send from the user1@contoso.com email address during the last 30 days.
What are two possible ways to achieve the goal? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
- A . From Exchange Online PowerShell, run the Get-MessageTrace cmdlet.
- B . From the Exchange admin center, run a message trace.
- C . From the Security & Compliance admin center, export the mailbox audit logs.
- D . From Exchange Online PowerShell, run the Get-MessagetraceDetail cmdlet.
- E . From the Security & Compliance admin center, run a message trace.
AB
Explanation:
To achieve the goal of generating a CSV file containing all the email messages that failed to send from a specific email address during the last 30 days, the following two methods can be used:
From Exchange Online PowerShell, run the Get-MessageTrace cmdlet.
From the Exchange admin center, run a message trace.
You have a Microsoft Exchange Online tenant that contains 1,000 users.
A user recently sent an email message that was never received by a recipient on the internet. From the Exchange admin center, you successfully run a message trace but cannot see the message in the trace.
What is the most likely reason why the message fails to appear in the message trace?
- A . The user addressed the message to multiple internal and external receipts
- B . The user encrypted the email message.
- C . Your administrative user account requires additional rights.
- D . The message is in the user’s Outbox folder.
You have a Microsoft Exchange Online tenant named contoso.com.
Several users report that email messages sent to the users at another company named fabrikam.com contain a Winmail.dat attachment.
You need to prevent the fabrikam.com users from receiving Winmail.dat attachments.
What should you do?
- A . Configure a remote domain that has the TNEFEnabled parameter set to $False.
- B . Create an Outbound connector that has the validationRecipients parameter set to contoso.com.
- C . Create an Outbound connector that has the validationRecipients parameter set to fabrikam.com.
- D . Configure a remote domain that has the TrustedMailoutboundEnabled parameter set to $False.
A
Explanation:
Reference: https://gcits.com/knowledge-base/how-to-fix-the-winmail-dat-attachment-issue/
DRAG DROP
Your company has a Microsoft Exchange Online subscription for an email domain named contoso.com.
The company works with a partner company that uses an email domain named tailspintoys.com.
You need to configure the environment only to accept email from tailspintoys.com if the email is sent from an IP address of 131.107.12.85.
How should you configure the connector from the Exchange admin center? To answer, drag the appropriate options to the correct message settings. Each option may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content. NOTE: Each correct selection is worth one point.
Explanation:
https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner
You have a hybrid deployment that contains a Microsoft exchange Online tenant and anon premises Exchange Server 2019 server named Server1. Alt users use an email address suffix of @contoso.com.
On Server1, you create a new mailbox that uses an email address of user1@contoso.com
Users hosted in Exchange Online report that they receive a non-delivery report (NDR) When they attempt to send email messages to user1@contoso.com. The NDR contains the following text:
"User1 wasn’t found at contoso.com."
You verify that the Exchange Online users can send email successfully to the other mailboxes hosted on Server1. Users hosted on Server1 can send email to user1@contoso.com successfully. You need to identify what causes the email delivery to fail.
What should you use?
- A . the Azure Active Directory admin center
- B . the Exchange admin center
- C . Azure AD Connect Health
- D . the on-premises Exchange admin center
C
Explanation:
It’s likely that the new user account hasn’t replicated to Azure Active Directory. Azure AD Connect is responsible for account replication between on-prem AD and Azure AD.
You have a Microsoft Exchange Online tenant named contoso.com.
You create a partnership with two other companies named fabhkam.com and wingtiptoys.com. All the mailboxes of fabnkam.com are hosted in Microsoft 365. All the mailboxes of wingtiptoys.com are hosted in an on-premises Exchange Server 2019 organization.
You need to ensure that all the email messages sent from contoso.com to fabrikam.com and wingtiptoys.com is encrypted by using TLS.
What should you do?
- A . Configure one connector.
- B . Create an organizational relationship.
- C . Create two remote domains.
- D . Run the Office 365 Exchange Hybrid Configuration wizard.
- E . Configure two mail flow rules.
E
Explanation:
To ensure that all the email messages sent from contoso.com to fabrikam.com and wingtiptoys.com are encrypted by using TLS, you should: Configure two mail flow rules.
HOTSPOT
You have a Microsoft Exchange Online subscription that uses a namespace of litwareinc.com.
You create a connector in Exchange Online that is configured as shown in the following exhibit.
Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point.
You have a hybrid deployment between a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 organization.
The tenant uses an email domain named @contoso.com.
You recently purchased an email domain named fabrikam.com.
You need to ensure that all the users in the tenant can receive email messages by using the @fabrikam.com email domain. The solution must ensure that the users can continue to receive email by using the @contoso.com email domain.
Which three actions should you perform? Each correct answer presents part of the solution. NOTE; Each correct selection is worth one point.
- A . From Azure AD Connect add a domain for fabrikam.com.
- B . From the on-premises Exchange admin center, add an accepted domain for fabrikam.com.
- C . From the Exchange Management Shell, create a script that runs the
- D . From the Microsoft 365 admin center, verify the fabrikam.com email domain
- E . From the on-premises Exchange admin center, modify the email address policy
- F . From the Microsoft 365 admin center, add the fabrikam.com email domain.
You have a Microsoft 365 subscription for a company named Fabrikam,Inc. The company uses an Exchange Online tenant that has an email domain named fabirkam.com.
Fabrikam works with a partner company Contoso, Ltd. that uses an email domain named contoso.com.
A new security policy at Contoso states that any email sent from partners to Contoso employees must use TLS encryption.
You need to ensure that email sent from Fabrikam to Contoso uses TLS.
What should you create in the tenant?
- A . a new connector that specifies the contoso.com SMTP domain
- B . a remote domain named contoso.com
- C . a new connector that specifies the fabrikam.com SMTP domain
- D . a remote domain named fabrikam.com
A
Explanation:
Configure a Send connector in Fabrikam to point to Contoso.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an Exchange Online tenant that contains 2,000 mailboxes.
A partner company named Fabrikam, Inc. uses a third-party messaging solution. The outbound SMTP server for Fabrikam uses an IP address of 131.107.2.22.
You discover that several email messages from the fabrikam.com domain are erroneously marked as spam.
You need to ensure that all the email messages sent from the fabrikam.com domain are delivered successfully to the user mailboxes of your company. Solution: You enable a DKIM signature.
Does this meet the goal?
- A . Yes
- B . No
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an Exchange Online tenant that contains 2,000 mailboxes.
A partner company named Fabrikam, Inc. uses a third-party messaging solution. The outbound SMTP server for Fabrikam uses an IP address of 131.107.2.22.
You discover that several email messages from the fabrikam.com domain are erroneously marked as spam.
You need to ensure that all the email messages sent from the fabrikam.com domain are delivered successfully to the user mailboxes of your company.
Solution: You create a connection filter.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Creating a connection filter and whitelisting the IP address of Fabrikam’s outbound SMTP server would help ensure that the emails from fabrikam.com domain are delivered successfully to the user mailboxes of your company without being marked as spam.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an Exchange Online tenant that contains 2,000 mailboxes.
A partner company named Fabrikam, Inc. uses a third-party messaging solution. The outbound SMTP server for Fabrikam uses an IP address of 131.107.2.22.
You discover that several email messages from the fabrikam.com domain are erroneously marked as spam.
You need to ensure that all the email messages sent from the fabrikam.com domain are delivered successfully to the user mailboxes of your company.
Solution: You create a spam filter policy.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Add Fabrikam.com to the ‘Domain allow list’ in a spam filter policy.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 organization that contains 200 mailboxes.
You need to add a second email address to each mailbox. The address must have a syntax that uses the first letter of each user’s last name, followed by the user’s first name, and then @fabrikam.com.
Solution: You create an email address policy that uses the %1g%s@fabrikam.com email address format.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
The format %1g%s@fabrikam.com would use the first letter of each user’s last name (%1g) followed by the user’s first name (%s), which matches the requirement. Creating an email address policy with this format would meet the goal.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 organization that contains 200 mailboxes.
You need to add a second email address to each mailbox. The address must have a syntax that uses the first letter of each user’s last name, followed by the user’s first name, and then @fabrikam.com.
Solution: You convert all the mailboxes to shared mailboxes, and then you run the Set-Mailbox cmdlet and specify the CEmailAddressPolicyEnabled $false parameter.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/email-address-policies/email-address-policies?view=exchserver-2019
Email address policies define the rules that create email addresses for recipients in your Exchange organization.
The basic components of an email address policy are:
Email address templates: Define the email address format for the recipients (for example <firstname>@contoso.com or <lastname>.<firstname>@contoso.com).
Recipient filter: Specifies the recipients whose email addresses are configured by the policy.
Priority: Specifies the order to apply the email address policies (important if a recipient is identified by more than one policy).
The EmailAddressPolicyEnabled parameter specifies whether to apply email address policies to this recipient. Valid values are:
$true: Email address policies are applied to this recipient. This is the default value.
$false: Email address policies aren’t applied to this recipient.
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 organization that contains 200 mailboxes.
You need to add a second email address to each mailbox. The address must have a syntax that uses the first letter of each user’s last name, followed by the user’s first name, and then @fabrikam.com.
Solution: You convert all the mailboxes to shared mailboxes, and then you run the Set-Mailbox cmdlet and specify the CEmailAddressPolicyEnabled $true parameter.
Does this meet the goal?
- A . Yes
- B . No
B
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/email-address-policies/email-address-policies?view=exchserver-2019
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 organization that contains 200 mailboxes.
You need to add a second email address to each mailbox. The address must have a syntax that uses the first letter of each user’s last name, followed by the user’s first name, and then @fabrikam.com.
Solution: You create an email address policy that uses the %1s%g@fabrikam.com email address format.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/email-addresses-and-address-books/email-address-policies/email-address-policies?view=exchserver-2019
You have a Microsoft Exchange Online tenant.
All users are assigned only an Office 365 Enterprise E3 license.
You need to ensure that the users can use only Microsoft Outlook to connect to their Microsoft 365 mailbox when they connect from an Android device.
What should you create?
- A . a conditional access policy in Azure Active Directory (Azure AD)
- B . a connection filter policy in Exchange Online Protection (EOP)
- C . an Outlook Web App policy in Exchange Online
- D . an app protection policy in Microsoft Endpoint Manager
A
Explanation:
Office 365 Enterprise E3 includes Azure Active Directory Premium P1 which is required for Azure conditional access policies.
You have 1,000 user accounts that are each licensed for Microsoft 365. Each user account has a Microsoft Exchange Online mailbox.
Ten of the user accounts are configured as service accounts for applications. The applications send event notifications to the mailboxes of the service accounts by using SMTP. The developers of each application have delegated access to the mailbox of their respective application.
You need to ensure that all the event notifications sent by the applications are retained in the service account mailboxes so that new developers can review older notifications. The developers must be able to view only the notifications for their respective application.
What should you do?
- A . Replace the service account mailboxes with a single user mailbox that contains a folder for each application.
- B . Replace the service account mailboxes with a single user mailbox that contains Power Automate rules.
- C . Convert the service account mailboxes into shared mailboxes.
- D . Convert the service account mailboxes into mail-enabled users.
HOTSPOT
You need to create an address list that contains all the users who have a title of Director.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/email-addresses-and-address-books/new-addresslist?view=exchange-ps
HOTSPOT
You have an address book policy named Contoso-US that contains an address list named Contoso-Finance.
You need to add an address list named Contoso-Marketing to Contoso-US without removing Contoso-Finance.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/exchange/address-books/address-book-policies/change-the-settings-of-an-address-book-policy
HOTSPOT
You have a Microsoft Exchange Server 2019 hybrid deployment.
You are migrating mailboxes from the on-premises organization to Exchange Online.
From the Exchange admin center, you create a new migration batch that includes 25 mailboxes, and then you select Manual Complete the batch.
Later, you must complete the migration of a mailbox named user1@litware.com in the batch as soon as possible. You discover that the status of the migration batch is Syncing, but the status of the move request for user1@litware.com is Synced.
You need to complete the migration of the user1@litware.com mailbox to Exchange Online as soon as possible.
How should you complete the command? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point.
Explanation:
Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/move-and-migration/set-moverequest?view=exchange-ps
You have a Microsoft Exchange Server 2019 hybrid deployment.
You plan to implement Hybrid Modern Authentication (HMA).
You retrieve the Exchange virtual directory settings, and you discover the following output.
You need to prepare the virtual directories for the planned implementation of HMA.
What should you do?
- A . Add OAuth as an authentication method.
- B . Remove NTLM as an authentication method.
- C . Delete https://mail.contoso.com from the ExternalUrl value.
- D . Modify the InternalUrl value to http://mail.contoso.com.
A
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/enterprise/configure-exchange-server-for-hybrid-modernauthentication?view=o365-worldwide
You have a Microsoft Exchange Server hybrid deployment that contains Exchange 2013, Exchange 2016, and Exchange 2019 servers. All the servers have the latest Cumulative Updates (CUs) applied. You need to implement Hybrid Modern Authentication (HMA). The solution must minimize costs.
What should you do first?
- A . Upgrade the Exchange 2013 servers to Exchange 2016 CU7.
- B . Add the on-premises web service URLs as Azure Active Directory (Azure AD) service principal names (SPNs).
- C . Upgrade all the servers to Exchange 2019.
- D . Create an Azure Active Directory (Azure AD) conditional access policy for Exchange Online.
B
Explanation:
Reference:
https://docs.microsoft.com/en-us/microsoft-365/enterprise/configure-exchange-server-for-hybrid-modern-authentication?view=o365-worldwide#make-sure-you-meet-all-the-prerequisites
https://docs.microsoft.com/en-us/microsoft-365/enterprise/hybrid-modern-auth-overview?view=o365-worldwide#do-you-meet-modern-authentication-prerequisites
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 hybrid deployment. All user mailboxes are hosted in Microsoft 365. All outbound SMTP email is routed through the on-premises Exchange organization.
A corporate security policy requires that you must prevent credit card numbers from being sent to internet recipients by using email.
You need to configure the deployment to meet the security policy requirement.
Solution: From Microsoft 365, you create a data loss prevention (DLP) policy.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 hybrid deployment. All user mailboxes are hosted in Microsoft 365. All outbound SMTP email is routed through the on-premises Exchange organization.
A corporate security policy requires that you must prevent credit card numbers from being sent to internet recipients by using email.
You need to configure the deployment to meet the security policy requirement.
Solution: From the Exchange organization, you create a data loss prevention (DLP) policy.
Does this meet the goal?
- A . Yes
- B . No
A
Explanation:
Reference: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-loss-prevention-policies?view=o365-worldwide