What should you do?

Topic 3, Fabrikam, Inc

Case study

This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to ensure that you are able to complete all questions included on this exam in the time provided.

To answer the questions included in a case study, you will need to reference information that is provided in the case study. Case studies might contain exhibits and other resources that provide more information about the scenario that is described in the case study. Each question is independent of the other questions in this case study.

At the end of this case study, a review screen will appear. This screen allows you to review your answers and to make changes before you move to the next section of the exam. After you begin a new section, you cannot return to this section.

To start the case study

To display the first question in this case study, click the Next button. Use the buttons in the left pane to explore the content of the case study before you answer the questions. Clicking these buttons displays information such as business requirements, existing environment, and problem statements. If the case study has an All Information tab, note that the information displayed is identical to the information displayed on the subsequent tabs. When you are ready to answer a question, click the Question button to return to the question.

Overview

Fabrikam, Inc. is a consulting company that has a main office in Montreal.

Fabrikam has a partnership with a company named Litware, Inc.

Existing Environment

Network Environment

The on-premises network of Fabrikam contains an Active Directory domain named fabrikam.com.

Fabrikam has a Microsoft 365 tenant named fabrikam.com. All users have Microsoft 365 Enterprise E5 licenses.

User accounts sync between Active Directory Domain Services (AD DS) and the Microsoft 365 tenant.

Fabrikam.com contains the users and devices shown in the following table.

Fabrikam currently leases mobile devices from several mobile operators.

Microsoft Exchange Online Environment

All users are assigned an Outlook Web App policy named FilesPolicy.

In-Place Archiving is disabled for Exchange Online.

You have the users shown in the following table.

User1 and User3 use Microsoft Outlook for iOS and Android to access email from their mobile device. User2 uses a native Android email app.

A Safe Links policy in Microsoft Defender for Office 365 is applied to the fabrikam.com tenant. The marketing department uses a mail-enabled public folder named FabrikamProject.

Default MRM Policy is disabled for the fabrikam.com tenant.

Problem Statements

Fabrikam identifies the following issues:

✑ Users report that they receive phishing emails containing embedded links.

✑ Users download and save ASPX files when they use Outlook on the web.

✑ Email between Fabrikam and Litware is unencrypted during transit.

✑ User2 reports that he lost his mobile device.

Requirements

Planned Changes

Fabrikam plans to implement the following changes:

✑ Configure FilesPolicy to prevent Outlook on the web users from downloading attachments that have the ASPX extension.

✑ Purchase a new smartboard and configure the smartboard as a booking resource in Exchange Online.

✑ Ensure that the new smartboard can only be booked for a maximum of one hour.

✑ Allow only Admin1 to accept or deny booking requests for the new smartboard.

✑ Standardize mobile device costs by moving to a single mobile device operator.

✑ Migrate the FabrikamProject public folder to Microsoft SharePoint Online.

✑ Enable In-Place Archiving for users in the marketing department.

✑ Encrypt all email between Fabrikam and Litware.

Technical Requirements

Fabrikam identifies the following technical requirements:

✑ Ensure that the planned Sharepoint site for FabrikamProject only contains content that was created during the last 12 months.

✑ Any existing file types that are currently configured as blocked or allowed in the FilesPolicy policy must remain intact.

✑ When users leave the company, remove their licenses and ensure that their mailbox is accessible to Admin1 and Admin2.

✑ Generate a report that identifies mobile devices and the mobile device operator of each device.

✑ Use the principle of least privilege.

✑ Minimize administrative effort.

Retention requirements

Fabrikam identifies the following retention requirements for all users:

✑ Enable users to tag items for deletion after one year.

✑ Enable users to tag items for deletion after two years.

✑ Enable users to tag items to be archived after one year.

✑ Automatically delete items in the Junk Email folder after 30 days.

✑ Automatically delete items in the Sent Items folder after 300 days.

✑ Ensure that any items without a retention tag are moved to the Archive mailbox two years after they were created and permanently deleted seven years after they were created.

You need to identify which users clicked the links in the phishing emails.

What should you do?
A . Run a message trace and review the results.
B . Query the mailbox audit log.
C . Use the URL trace reporting feature.
D . Review the quarantine mailbox.

View Answer

Answer: C

Explanation:

Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/get-maildetailatpreport?view=exchange-ps