Official 2014 Latest Free Microsoft 70-412 Dump Download(11-20)!

QUESTION 11
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 and a member server named Server1. Server1 has the IP Address Management (IPAM) Server feature installed. On Dc1, you configure Windows Firewall to allow all of the necessary inbound ports for IPAM. On Server1, you open Server Manager as shown in the exhibit. (Click the Exhibit button.)

clip_image002
You need to ensure that you can use IPAM on Server1 to manage DNS on DC1. What should you do?

A.    Modify the outbound firewall rules on Server1.
B.    Modify the inbound firewall rules on Server1.
C.    Add Server1 to the Remote Management Users group.
D.    Add Server1 to the Event Log Readers group.

Answer: D
Explanation:
Since no exhibit, the guess here is it’s not using the GPO to manage the Event Log Readers group– evidenced by the fact that the firewall was configured manually instead of with the GPO. If the GPO was being used then the IPAM server would be in the Event Log Readers group due to restricted group settings in the GPO as shown below:

clip_image002[4]
In the above example, the IPAM server is as member of the VDI\IPAMUG group.
http://technet.microsoft.com/en-us/library/jj878313.aspx

clip_image001

QUESTION 12
Your network contains an Active Directory domain named contoso.com. The domain contains servers named Server1 and Server2 that run Windows Server 2012 R2. Server1 has the IP Address Management (IPAM) Server feature installed. You install the IPAM client on Server2. You open Server Manager on Server2 as shown in the exhibit. (Click the Exhibit button.)

clip_image002[6]
You need to manage IPAM from Server2. What should you do first?

A.    On Server1, add the Server2 computer account to the IPAM MSM Administrators group.
B.    On Server2, open Computer Management and connect to Server1.
C.    On Server2, add Server1 to Server Manager.
D.    On Server1, add the Server2 computer account to the IPAM ASM Administrators group.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/hh831453.aspx

clip_image002[8]

QUESTION 13
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named Dc1. DC1 has the DNS Server server role installed. The network has two sites named Site1 and Site2. Site1 uses 10.10.0.0/16 IP addresses and Site2 uses 10.11.0.0/16 IP addresses. All computers use DC1 as their DNS server. The domain contains four servers named Server1, Server2, Server3, and Server4. All of the servers run a service named Service1. DNS host records are configured as shown in the exhibit. (Click the Exhibit button.)

clip_image001[4]
You discover that computers from the 10.10.1.0/24 network always resolve Service1 to the [P address of Server1. You need to configure DNS on DC1 to distribute computers in Site1 between Server1 and Server2 when the computers attempt to resolve Service1. What should run on DC1?

A.    dnscmd /config /bindsecondaries 1
B.    dnscmd /config /localnetpriority 0
C.    dnscmd /config /localnetprioritynetmask 0x0000ffff
D.    dnscmd /config /roundrobin 0

Answer: C
Explanation:
A. Specifies use of fast transfer format used by legacy Berkeley Internet Name Domain (BIND) servers. 1 enables
B. Disables netmask ordering.
C. You can use the Dnscmd /Config /LocalNetPriorityNetMask 0x0000FFFF command to use class B ( or 16 bit) for netmask ordering for DNS round robin
D. Disables round robin rotation.
http://technet.microsoft.com/en-us/library/cc737355(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc738473(v=ws.10).aspx http://support.microsoft.com/kb/842197
http://technet.microsoft.com/en-us/library/cc779169(v=ws.10).aspx

QUESTION 14
Your network contains an Active Directory domain named contoso.com. The domain contains a main office and a branch office. An Active Directory site exists for each office. The domain contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the DHCP Server server role installed. Server1 is located in the main office site. Server2 is located in the branch office site. Server1 provides IPv4 addresses to the client computers in the main office site. Server2 provides IPv4 addresses to the client computers in the branch office site. You need to ensure that if either Server1 or Server2 are offline, the client computers can still obtain IPv4 addresses.
The solution must meet the following requirements:
– The storage location of the DHCP databases must not be a single point of failure.
– Server1 must provide IPv4 addresses to the client computers in the branch office site only if Server2 is offline.
– Server2 must provide IPv4 addresses to the client computers in the main office site only if Server1 is offline.
Which configuration should you use?

A.    load sharing mode failover partners
B.    a failover cluster
C.    hot standby mode failover partners
D.    a Network Load Balancing (NLB) cluster

Answer: C
Explanation:
A. The load sharing mode of operation is best suited to deployments where both servers in a failover relationship are located at the same physical site.
B. Hot standby mode of operation is best suited to deployments where a central office or data center server acts as a standby backup server to a server at a remote site, which is local to the DHCP clients
C. Needs to be a DHCP Failover option
D. Needs to be a DHCP Failover option
http://technet.microsoft.com/en-us/library/hh831385.aspx http://blogs.technet.com/b/teamdhcp/archive/2012/09/03/dhcp-failover-hot-standbymode.aspx

clip_image001[6]

QUESTION 15
You have a DHCP server named Server1. Server1 has an IP address 192.168.1.2 is located on a subnet that has a network ID of 192.168.1.0/24. On Server1, you create the scopes shown in the following table.

clip_image001[8]
You need to ensure that Server1 can assign IP addresses from both scopes to the DHCP clients on the local subnet. What should you create on Server1?

A.    A scope
B.    A superscope
C.    A split-scope
D.    A multicast scope

Answer: B
Explanation:
A. A scope is an administrative grouping of IP addresses for computers on a subnet that use the Dynamic Host Configuration Protocol (DHCP) service. The administrator first creates a scope for each physical subnet and then uses the scope to define the parameters used by clients.
B. A superscope is an administrative feature of Dynamic Host Configuration Protocol (DHCP) servers running Windows Server 2008 that you can create and manage by using the DHCP Microsoft Management Console (MMC) snap-in. By using a superscope, you can group multiple scopes as a single administrative entity.
D. Multicasting is the sending of network traffic to a group of endpointsdestination hosts. Only those members in the group of endpoints hosts that are listening for the multicast traffic (the multicast group) process the multicast traffic http://technet.microsoft.com/en-us/library/dd759168.aspx http://technet.microsoft.com/en-us/library/dd759152.aspx

clip_image001[10]

QUESTION 16
Your network contains servers that run Windows Server 2012 R2. The network contains a large number of iSCSI storage locations and iSCSI clients. You need to deploy a central repository that can discover and list iSCSI resources on the network automatically. Which feature should you deploy?

A.    the Windows Standards-Based Storage Management feature
B.    the iSCSI Target Server role service
C.    the iSCSI Target Storage Provider feature
D.    the iSNS Server service feature

Answer: D
Explanation:
A. Windows Server 2012 R2 enables storage management that is comprehensive and fully scriptable, and administrators can manage it remotely. A WMI-based interface provides a single mechanism through which to manage all storage, including non-Microsoft intelligent storage subsystems and virtualized local storage (known as Storage Spaces). Additionally, management applications can use a single Windows API to manage different storage types by using standards-based protocols such as Storage Management Initiative Specification (SMI-S).
B. Targets are created in order to manage the connections between an iSCSI device and the servers that need to access it. A target defines the portals (IP addresses) that can be used to connect to the iSCSI device, as well as the security settings (if any) that the iSCSI device requires in order to authenticate the servers that are requesting access to its resources. C. iSCSI Target Storage Provider enables applications on a server that is connected to an iSCSI target to perform volume shadow copies of data on iSCSI virtual disks. It also enables you to manage iSCSI virtual disks by using older applications that require a Virtual Disk Service (VDS) hardware provider, such as the Diskraid command.
D. The Internet Storage Name Service (iSNS) protocol is used for interaction between iSNS servers and iSNS clients. iSNS clients are computers, also known as initiators, that are attempting to discover storage devices, also known as targets, on an Ethernet network.
http://technet.microsoft.com/en-us/library/cc726015.aspx
http://technet.microsoft.com/en-us/library/cc772568.aspx

clip_image001[12]

QUESTION 17
Your network contains an Active Directory domain named contoso.com. The domain contains a file server named Server1. All servers run Windows Server 2012 R2. All domain user accounts have the Division attribute automatically populated as part of the user provisioning process. The Support for Dynamic Access Control and Kerberos armoring policy is enabled for the domain. You need to control access to the file shares on Server1 based on the values in the Division attribute and the Division resource property. Which three actions should you perform in sequence?

clip_image002[10]
Answer:

clip_image001[14]
Explanation:
First create a claim type for the property, then create a reference resource property that points back to the claim. Finally set the classification value on the folder

QUESTION 18
Your network contains two Active Directory forests named contoso.com and fabrikam.com. The contoso.com forest contains two domains named corp.contoso.com and contoso.com. You establish a two-way forest trust between contoso.com and fabrikam.com. Users from the corp.contoso.com domain report that they cannot log on to client computers in the fabrikam.com domain by using their corp.contoso.com user account. When they try to log on, they receive following error message:
“The computer you are signing into is protected by an authentication firewall. The specified account is not allowed to authenticate to the computer.” Corp.contoso.com users can log on successfully to client computers in the contoso.com domain by using their corp.contoso.com user account credentials. You need to allow users from the corp.contoso.com domain to log on to the client computers in the fabrikam.com forest. What should you do?

A.    Configure Windows Firewall with Advanced Security.
B.    Enable SID history.
C.    Configure forest-wide authentication.
D.    Instruct the users to log on by using a user principal name (UPN).

Answer: C
Explanation:
C. The forest-wide authentication setting permits unrestricted access by any users in the trusted forest to all available shared resources in any of the domains in the trusting forest.
http://technet.microsoft.com/en-us/library/cc785875(v=ws.10).aspx

clip_image001[16]

QUESTION 19
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. The servers have the hardware configurations shown in the following table.

clip_image001[18]
Server1 hosts five virtual machines that run Windows Server 2012 R2. You need to move the virtual machines from Server1 to Server2. The solution must minimize downtime. What should you do for each virtual machine?

A.    Export the virtual machines from Server1 and import the virtual machines to Server2.
B.    Perform a live migration.
C.    Perform a quick migration.
D.    Perform a storage migration.

Answer: A
Explanation:
None of these migration options will work between different Processors ( AMD/Intel). The only option remaining is to export and re-import the VMs

QUESTION 20
Your network contains an Active Directory domain named contoso.com. The domain contains two servers named Server1 and Server2. Both servers have the Hyper-V server role installed. You plan to replicate virtual machines between Server1 and Server2. The replication will be encrypted by using Secure Sockets Layer (SSL). You need to request a certificate on Server1 to ensure that the virtual machine replication is encrypted. Which two intended purposes should the certificate for Server1 contain? (Each correct answer presents part of the solution. Choose two.)

A.    Client Authentication
B.    Kernel Mode Code Signing
C.    Server Authentication
D.    IP Security end system
E.    KDC Authentication

Answer: AC
Explanation:
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificate- requirements.aspx

clip_image002[12]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-412 Dump Download(1-10)!

QUESTION 1
Your network contains an Active Directory domain named adatum.com. The domain contains two domain controllers that run Windows Server 2012 R2. The domain controllers are configured as shown in the following table.

clip_image001
You log on to DC1 by using a user account that is a member of the Domain Admins group, and then you create a new user account named User1. You need to prepopulate the password for User1 on DC2. What should you do first?

A.    Connect to DC2 from Active Directory Users and Computers.
B.    Add DC2 to the Allowed RODC Password Replication Policy group.
C.    Add the User1 account to the Allowed RODC Password Replication Policy group.
D.    Run Active Directory Users and Computers as a member of the Enterprise Admins group.

Answer: C
Explanation:
http://technet.microsoft.com/en-us/library/cc730883(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc753470(v=ws.10).aspx#BKMK_pre

clip_image001[4]

QUESTION 2
Your company has offices in Montreal, New York, and Amsterdam. The network contains an Active Directory forest named contoso.com. An Active Directory site exists for each office. All of the sites connect to each other by using the DEFAULTIPSITELINK site link. You need to ensure that only between 20:00 and 08:00, the domain controllers in the Montreal office replicate the Active Directory changes to the domain controllers in the Amsterdam office. The solution must ensure that the domain controllers in the Montreal and the New York offices can replicate the Active Directory changes any time of day. What should you do?

A.    Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of DEFAULTIPSITELINK.
B.    Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of DEFAU LTIPSITELINK.
C.    Create a new site link that contains Montreal and Amsterdam.
Remove Amsterdam from DEFAULTIPSITELINK.
Modify the schedule of the new site link.
D.    Create a new site link that contains Montreal and Amsterdam.
Create a new site link bridge.
Modify the schedule of the new site link.

Answer: C
Explanation:
Very Smartly reworded with same 3 offices. In the exam correct answer is “Create a new site link that contains Newyork to Montreal.
Remove Montreal from DEFAULTIPSITELINK.Modify the schedule of the new site link”.
http://technet.microsoft.com/en-us/library/cc755994(v=ws.10).aspx

QUESTION 3
Your network contains two Active Directory forests named contoso.com and adatum.com. A two- way forest trust exists between the forests. The contoso.com forest contains an enterprise certification authority (CA) named Server1. You implement cross-forest certificate enrollment between the contoso.com forest and the adatum.com forest. On Server1, you create a new certificate template named Template1. You need to ensure that users in the adatum.com forest can request certificates that are based on Template1. Which tool should you use?

A.    DumpADO.ps1
B.    Repadmin
C.    Add-CATemplate
D.    Certutil
E.    PKISync.ps1

Answer: E
Explanation:
B. Repadmin.exe helps administrators diagnose Active Directory replication problems between domain controllers running Microsoft Windows operating systems.
C. Adds a certificate template to the CA.
D. Use Certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains.
E. PKISync.ps1 copies objects in the source forest to the target forest
http://technet.microsoft.com/en-us/library/ff955845(v=ws.10).aspx#BKMK_Consolidating http://technet.microsoft.com/en-us/library/cc770963(v=ws.10).aspx http://technet.microsoft.com/en-us/library/hh848372.aspx http://technet.microsoft.com/library/cc732443.aspx
http://technet.microsoft.com/en-us/library/ff961506(v=ws.10).aspx

clip_image001[6]

QUESTION 4
You have a server named Server1 that runs Windows Server 2012 R2. Server1 has the Windows Deployment Services server role installed. You back up Server1 each day by using Windows Server Backup. The disk array on Server1 fails. You replace the disk array. You need to restore Server1 as quickly as possible. What should you do?

A.    Start Server1 from the Windows Server 2012 R2 installation media.
B.    Start Server1and press F8.
C.    Start Server1 and press Shift+F8.
D.    Start Server1 by using the PXE.

Answer: A
Explanation:
A. Recovery of the OS uses the Windows Setup Disc
http://technet.microsoft.com/en-us/library/cc753920.aspx http://www.windowsnetworking.com/articles_tutorials/Restoring-Windows-Server-BareMetal.html

QUESTION 5
Your network contains two servers named Server1 and Server2 that run Windows Server 2012 R2. Both servers have the Hyper-V server role installed. Server1 and Server2 are located in different offices. The offices connect to each other by using a high-latency WAN link. Server2 hosts a virtual machine named VM1. You need to ensure that you can start VM1 on Server1 if Server2 fails. The solution must minimize hardware costs. What should you do?

A.    On Server1, install the Multipath I/O (MPIO) feature.
Modify the storage location of the VHDs for VM1.
B.    From the Hyper-V Settings of Server2, modify the Replication Configuration settings.
Enable replication for VM1.
C.    On Server2, install the Multipath I/O (MPIO) feature.
Modify the storage location of the VHDs for VM1.
D.    From the Hyper-V Settings of Server1, modify the Replication Configuration settings.
Enable replication for VM1.

Answer: D
Explanation:
You first have to enable replication on the Replica server–Server1–by going to the server and modifying the “Replication Configuration” settings under Hyper-V settings. You then go to VM1– which presides on Server2– and run the “Enable Replication” wizard on VM1.

clip_image002

clip_image002[4]

QUESTION 6
You have a server named Server1 that runs Windows Server 2012 R2. You modify the properties of a system driver and you restart Server1. You discover that Server1 continuously restarts without starting Windows Server 2012 R2. You need to start Windows Server 2012 R2 on Server1 in the least amount of time. The solution must minimize the amount of data loss. Which Advanced Boot Option should you select?

A.    Last Know Good Configuration (advanced)
B.    Repair Your Computer
C.    Disable automatic restart on system failure
D.    Disable Driver Signature Enforcement

Answer: A
Explanation:
http://windows.microsoft.com/en-ph/windows-vista/using-last-known-good-configuration

clip_image001[8]

QUESTION 7
Your network contains an Active Directory domain named contoso.com. The domain contains three servers named Server1, Server2, and Server3 that run Windows Server 2012 R2. All three servers have the Hyper-V server role installed and the Failover Clustering feature installed. Server1 and Server2 are nodes in a failover cluster named Cluster1. Several highly available virtual machines run on Cluster1. Cluster1 has the Hyper-V Replica Broker role installed. The Hyper-V Replica Broker currently runs on Server1. Server3 currently has no virtual machines. You need to configure Cluster1 to be a replica server for Server3 and Server3 to be a replica server for Cluster1. Which two tools should you use? (Each correct answer presents part of the solution. Choose two.)

A.    The Hyper-V Manager console connected to Server3
B.    The Failover Cluster Manager console connected to Server3
C.    The Hyper-V Manager console connected to Server1.
D.    The Failover Cluster Manager console connected to Cluster1
E.    The Hyper-V Manager console connected to Server2

Answer: AD
Explanation:
http://technet.microsoft.com/en-us/library/jj134240.aspx

clip_image002[6]

clip_image001[10]

QUESTION 8
You have a file server named Server1 that runs Windows Server 2012 R2. The folders on Server1 are configured as shown in the following table.

clip_image001[12]
A new corporate policy states that backups must use Microsoft Online Backup whenever possible. You need to identify which technology you must use to back up Server1. The solution must use Microsoft Online Backup whenever What should you identify? To answer, drag the appropriate backup type to the correct location or locations. Each backup type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.

clip_image002[8]
Answer:

clip_image001[14]
Explanation:
http://technet.microsoft.com/en-us/library/hh831761.aspx

clip_image002[10]

 

QUESTION 9
You have a DNS server named Server1 that runs Windows Server 2012 R2. Server1 has a signed zone for contoso.com. You need to configure DNS clients to perform DNSSEC validation for the contoso.com DNS domain. What should you configure?

A.    The Network Connection settings
B.    A Name Resolution Policy
C.    The Network Location settings
D.    The DNS Client settings

Answer: B
Explanation:
B. In a DNSSEC deployment, validation of DNS queries by client computers is enabled through configuration of IPSEC & NRPT
http://technet.microsoft.com/en-us/library/ee649182(v=ws.10).aspx http://technet.microsoft.com/en-us/library/ee649136(v=ws.10).aspx

clip_image001[16]

QUESTION 10
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1 that runs Windows Server 2012 R2. On Dc1, you open DNS Manager as shown in the exhibit. (Click the Exhibit button.)

clip_image001[18]
You need to change the replication scope of the contoso.com zone. What should you do before you change the replication scope?

A.    Modify the Zone Transfers settings.
B.    Add DC1 to the Name Servers list.
C.    Add your user account to the Security settings of the zone.
D.    Unsign the zone.

Answer: D
Explanation:
D. Lock icon signifies that the Zone has been signed. Changes to the zone are blocked when signed http://www.microsoft.com/en-us/download/dlx/ThankYou.aspx?id=29018

clip_image001[20]

 

If you want to pass the Microsoft 70-412 Exam sucessfully, recommend to read latest Microsoft 70-412 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(111-121)!

QUESTION 111
A user fails to connect to his mailbox by using Outlook Anywhere. The user successfully connects to the mailbox by using an Exchange ActiveSync-enabled mobile device and Outlook Web App. You need to identify what prevents the users from connecting to the mailbox by using Outlook Anywhere. Which tool should you use?

A.    Microsoft Outlook Connectivity Test
B.    Microsoft Exchange RPC Extractor
C.    Microsoft Exchange Server Profile Analyzer
D.    Exchange Server MAPI Editor

Answer: A
Explanation:
COURTESY OF DNS53 FROM UNITED STATES
ADDED CONNECTIVITY TEST TO OPTION A, AS IT IS MORE ACCURATE AND WITHOUT IT THE OPTION IS AMBIGUOUS.
TECHNICALLY THIS IS THE MICROSOFT OUTLOOK CONNECTIVITY TEST WITHIN
EXCHANGE SERVER REMOTE CONNECTIVITY ANALYSER.
Outlook Web App
You can use Outlook Web App to access your Office 365 or other Microsoft Exchange-based email account via a web browser.
The URL (web address) you’ll use to sign in to Outlook Web App depends on the type of account you have.
Outlook Web App can be used to access any email account that’s hosted on a server that’s running Microsoft Exchange Server 2013.

clip_image002

Mobile devices that are enabled for Microsoft Exchange ActiveSync let users access most of their Microsoft Exchange mailbox data any time, anywhere.
There are many different mobile phones and devices enabled for Exchange ActiveSync. These include Windows Phones, Nokia mobile phones, Android phones and tablets, and the Apple iPhone, iPod, and iPad.
Although both phone and non-phone mobile devices support Exchange ActiveSync, in most Exchange ActiveSync documentation, we use the term mobile device. Unless the feature or features we’re discussing require a cellular telephone signal, such as SMS message notification, the term mobile device applies to both mobile phones and other mobile devices such as tablets.

clip_image001
EXCHANGE SERVER SETTINGS:

clip_image001[4]

Outlook Anywhere (RPC over HTTP) allows you to use Outlook to connect to your Exchange server from remote locations without first connecting to the VPN. You can also/alternatively, use Outlook Web Access by logging in at https://xmail.bu.edu/ or www.bu.edu/webmail.

clip_image001[6]
For remote connections, Outlook offers Outlook Anywhere, an alternative to VPN connections that allows you to use Outlook just as you normally do at your organization, without the need for any special connections or hardware, such as smart cards and security tokens. Outlook can connect to Exchange through the Internet by using remote procedure call (RPC) over HTTP. The Outlook Anywhere feature allows you to access your Exchange account remotely from the Internet when you are working outside your organization’s firewall.
Test Outlook Anywhere Connectivity
http://technet.microsoft.com/en-us/library/ee633453(v=exchg.150).aspx
Applies to: Exchange Server 2013
You can test for end-to-end client Outlook Anywhere connectivity by using either the Shell or the Exchange Remote Connectivity Analyzer (ExRCA). This includes testing for connectivity through the Autodiscover service, creating a user profile, and signing in to the user’s mailbox. All the required values are retrieved from the Autodiscover service.
Exchange Remote Connectivity Analyzer (ExRCA
The Exchange Remote Connectivity Analyzer (ExRCA) is a web-based tool designed to test connectivity with a variety of Exchange protocols.
You can access the ExRCA
https://www.testexchangeconnectivity.com/
The Microsoft Exchange Remote Connectivity Analyzer (ExRCA) can help you confirm that connectivity for your Exchange servers is configured correctly and diagnose any connectivity issues. The Remote Connectivity Analyzer website offers tests for Microsoft Exchange ActiveSync, Exchange Web Services, Microsoft Outlook, and Internet email.

clip_image002[4]

Use the Shell to test Outlook Anywhere connectivity
To use the Shell to test Outlook Anywhere connectivity, use the Test-OutlookConnectivity cmdlet.
Run the following command.
Test-OutlookConnectivity -ProbeIdentity ‘OutlookMailboxDeepTestProbe’ -MailboxId
tony@contoso.com -Hostname contoso.com
NOT B
The Microsoft Exchange RPC Extractor is a command-line tool that can parse network captures and interpret remote procedure calls made from a client to Microsoft Exchange Server. RPX uses the information provided in the Microsoft Exchange Server protocol documentation to parse RPCs, remote operations (ROPs), and the parameters for each ROP.
NOT C
The Microsoft Exchange Server Profile Analyzer tool lets administrators collect estimated statistical information from a single mailbox store or across an Exchange Server organization. You can use the collected data to perform the following operations:
Analyze the performance and health of a mailbox server.
Improve capacity planning models.
Improve testing methodologies and tools.
Improve future client and server products.
NOT D
Use the Microsoft Exchange MAPI Editor to view and modify the contents of a Messaging API (MAPI) store directly.

QUESTION 112
You have an Exchange Server 2013 organization.
A user named User1 has a mailbox that is enabled for Unified Messaging (UM). User1 has nine call answering rules.
When User1 attempts to create a new call answering rule, the user receives an error message.
You need to identify what prevents User1 from creating a call answering rule.
What should you identify?

A.    The mailbox of User1 has the CallAnsweringRulesEnabled parameter set to $false
B.    The UM mailbox policy of User1 has the AllowCallAnsweringRules parameter set to $false.
C.    User1 exceeds the Inbox rules storage quota.
D.    User1 has the maximum number of call answering rules allowed.

Answer: D

QUESTION 113
Your company has a main office and a branch office. An Active Directory site exits for each office.
The offices are connected by a WAN link.
You plan to deploy Exchange Server 2013 in each site.
You need to identify the number of Exchange servers required to meet the following requirements:
– Maintain user access to mailboxes if a single server fails
– Use the minimize account of Exchange servers in each site
How many servers should you deploy in each site?

A.    1
B.    2
C.    3
D.    4

Answer: B

QUESTION 114
An administrator recommends removing EDGE1 from the implementation plan and adding a new Client Access server named CAS-8 instead. You need to identify which anti-spam feature will NOT be available on CAS-8. Which anti-spam feature should you identify?

A.    Connection Filtering
B.    Sender Filtering
C.    Content Filtering
D.    Recipient Filtering

Answer: A
Explanation:
A
You can’t enable the anti-spam agents on an Exchange 2013 Client Access server.
Therefore, the only way to get the Connection Filtering agent is to install an Exchange 2010 or Exchange 2007 Edge Transport server in the perimeter network
Connection Filtering agent is only available on the Edge Transport server role. Exchange 2013 does not have an Edge Transport server role yet.
NOT B C D
Only need to identify 1 and this is connection filtering.

QUESTION 115
You need to recommend which task is required to prepare Active Directory for the planned Exchange Server 2013 implementation. What should you recommend?

A.    On any domain controller in the Paris office, run setup.exe /preparead.
B.    On any domain controller in the Amsterdam office, run setup.exe /preparead.
C.    On any domain controller in the Paris office, run setup.exe /preparealldomains.
D.    On any domain controller in the Amsterdam office, run setup.exe /preparedomain.

Answer: B
Explanation:
B
The schema master is in the Amsterdam office.
Before you install the release to manufacturing (RTM) version of Microsoft Exchange Server 2013 or later cumulative updates (CU) on any servers in your organization, you must prepare Active Directory and domains.
Run  setup.exe /preparead on the schema master.
NOT A  C
The schema master is in the Amsterdam office.
Run  setup.exe /preparead on the schema master.
NOT D
Fabrikam has a single domain.
In order to prepare a domain, run the following command from an elevated command prompt after browsing to the Exchange 2013 DVD/ISO.
Setup.exe /PrepareDomain /IAcceptExchangeServerLicenseTerms
If you have a single domain environment, you don’t have to prepare the domain as the local domain is prepared for 2013 as part of preparing the AD. But, if you have a multi-domain environment, all other domains (except the one on which the AD was prepared) has to be ready for 2013.
You can prepare all the domains in one go by running the command below.
Setup.exe /PrepareAllDomains /IAcceptExchangeServerLicenseTerms (you will need Enterprise Admin rights).

QUESTION 116
You have an Exchange Server 2013 organization that contains five servers. Your company has a finance department, a marketing department, and a research department. Users in the marketing department are prevented from creating more than two Exchange ActiveSync device associations. You have a user named User5 in the finance department. You need to prevent User5 from creating more than two Exchange ActiveSync device associations. Which cmdlet should you use?

A.    Set-ThrottlingPolicyAssociation
B.    Set-ResourcePolicy
C.    Set-ActiveSyncMailboxPolicy
D.    Set-CASMailbox

Answer: A

QUESTION 117
You have an Exchange Server 2013 organization named for Contoso. A user named Admin1 is a member of the Domain Admins group. Admin1 fails to synchronize a new Windows Phone device by using Exchange ActiveSync and receives an HTTP 500 error message. Admin1 successfully logs on to Outlook Web App and Outlook Anywhere. You need to ensure that Admin1 can synchronize the new Windows Phone device by using Exchange ActiveSync. What should you do?

A.    Install a trusted root certificate on the Windows Phone device.
B.    Create a new mobile device mailbox policy.
C.    Enable permission inheritance on the Admin1 user account.
D.    Disable permission inheritance on the Admin1 user account.

Answer: C
Explanation:
Mobile device mailbox policy
In Microsoft Exchange Server 2013, you can create mobile device mailbox policies to apply a common set of policies or security settings to a collection of users. After you deploy Exchange ActiveSync in your Exchange 2013 organization, you can create new mobile device mailbox policies or modify existing policies. When you install Exchange 2013, a default mobile device mailbox policy is created. All users are automatically assigned this default mobile device mailbox policy.
NOT A
It is possible to save a digital certificate to a file and install a digital certificate on a Windows Mobile phone.
Microsoft Exchange ActiveSync enables a variety of mobile phones to synchronize with an Exchange mailbox.
A digital certificate might need to be installed on a user’s mobile phone if Exchange ActiveSync is required to use Secure Sockets Layer (SSL) and your organization uses a certificate that isn’t from a trusted commercial certification authority (CA).
No mention of SSL in this question
NOT B
This is a permission inheritance issue.
NOT D
Need to enable permission inheritance not disable it or leave it as disabled.

QUESTION 118
You have an Exchange Server 2013 organization that contains a server named EX1. Your network contains a non-critical internal application that regularly connects to the POP3 Service on EX1. Users report that Outlook Web App performs more slowly than usual. You discover that EX1 frequently has a CPU utilization that is greater than 85 percent. You need to configure EX1 temporarily to allocate more processor resources to Outlook Web App and to allocate less processor resources to POP3. Which two new policies should you create? (Each correct answer presents part of the solution.
Choose two.)

A.    a throttling policy that sets OWAMaxConcurrency to 25
B.    a workload policy for POP3 that sets the WorkloadClassification to Discretionary
C.    a workload policy for Outlook Web App that sets the WorkloadClassification to Discretionary
D.    a throttling policy that sets PopMaxConcurrency to 25
E.    a workload policy for POP3 that sets the WorkloadClassification to CustomerExpectation
F.    a workload policy for Outlook Web App that sets the WorkloadClassification to CustomerExpectation

Answer: BF
Explanation:
A workload policy
An Exchange workload is an Exchange Server feature, protocol, or service that’s been explicitly defined for the purposes of Exchange system resource management. Each Exchange workload consumes system resources such as CPU, mailbox database operations, or Active Directory requests to run user requests or background work. Examples of Exchange workloads include Outlook Web App, Exchange ActiveSync, mailbox migration, and mailbox assistants.
There are two ways to manage Exchange workloads: by monitoring the health of system resources or by controlling how resources are consumed by individual users (sometimes called user throttling in Exchange 2010).
Managing workloads based on the health of system resources is new in Microsoft Exchange Server 2013.
Controlling how resources are consumed by individual users was possible in Exchange Server 2010, and this capability has been expanded for Exchange Server 2013. You can customize the workload management settings if you want to change the default behavior of the feature for the needs of your environment.
Workload classifications
Each Exchange workload (for example, the Calendar Synchronization Assistant workload), is assigned a classification.
Workload policy settings are used to group each workload into a class. Classification is used to control both priority and target resource usage.
Exchange workloads can be assigned one of the following classifications:
Urgent
Customer Expectation
Internal Maintenance
Discretionary
Workloads in a higher classification group are given preference as resource health shows signs of degrading.
For example, when a resource such as local server CPU reaches high usage, workloads classified as Internal
Maintenance may continue to run, while workloads classified as Discretionary may be stopped.
NOT A D
A throttling policy is related to Exchange 2010
NOT C
Do not need to allocate less priority to Outlook Web App, but more
NOT E
POP3 is allocated too much resources with a WorkloadClassification of CustomerExpectation
Correct Answer B
Need to allocate less priority to POP3
Correct Answer F
Outlook Web App is allocated the appropriate amount of resources with a WorkloadClassification of CustomerExpectation

QUESTION 119
Hotspot Question
Your company has an Exchange Server 2013 organization. The company hires 200 temporary employees. You create a mailbox for each temporary employee. You create a new management role named CustomBaseOptions that uses MyBaseOptions as a parent. You create a new management role named CustomContactlnfo that uses MyContactlnfo as a parent. You plan to apply the new management roles to the temporary employees. You need to identify which management roles must be modified to prevent the temporary employees from performing the following task:
– Adding a user photo
– Viewing delivery reports
– Viewing the Install Apps feature
– Changing the value of the office location
Which management roles should you identify?
To answer, select the appropriate management role for each task in the answer area.

clip_image001[8]

clip_image001[10]
Answer:

clip_image001[12]
Explanation:
ADDING A USER PHOTO
MyBaseOptions
View and modify the basic configuration of their own mailbox and associated settings.
VIEWING DELIVERY REPORTS
MyBaseOptions includes the following delivery reports information Delivery Success
Delivery Failure
Email submission from the senders mailbox
Message was read etc…
VIEWING THE INSTALL APPS FEATURE
MyBaseOptions
View and modify the basic configuration of their own mailbox and associated settings.
CHANGING THE VALUE OF THE OFFICE LOCATION
The MyContactInformation management role enables individual users to modify their contact information, including address and phone numbers.
QUESTION 120
You have an Exchange Server 2013 organization.
You are troubleshooting an email delivery problem.
You need to disable temporarily the antimalware scanning on a server that has Exchange Server 2013 installed. The solution must ensure that the antimalware engine continues to download updates.
What should you run?

A.    the Set-TransportConfig cmdlet
B.    the Disable-Antimalwarescanning.psl script
C.    the New-MalwareFilterPolicy cmdlet
D.    the Set-MalwareFilteringServer cmdlet

Answer: D

QUESTION 121
You have an Exchange Server 2013 organization that contains two Client Access servers named
EX1 and EX2 and two Mailbox servers named EX3 and EX4. You have a firewall that controls all of the traffic between the internal network and the Internet. EX3 and EX4 are prevented from communicating with Internet hosts. EX1 and EX3 are in a site named Site1. EX2 and EX4 are in a site named Site2. All outbound email is sent through EX1. Site1 fails. You discover that email messages for the Internet are queued on EX4. You create a new send connector in Site2. You discover that all of the outbound email is queued on EX4 and is not delivered to the Internet. You verify that the client computers on the network can receive email messages from the Internet successfully. You need to ensure that the email messages are delivered successfully to the Internet.
Which cmdlet should you run?

A.    Set-SendConnector
B.    Set-MailboxTransportService
C.    Set-TransportService
D.    Set-TransportServer

Answer: A

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(101-110)!

QUESTION 101
You have an Exchange Server 2013 organization that contains 20 Mailbox servers. You plan to create 10 mailbox databases on each Mailbox server. You need to create a naming convention for all mailbox databases.
What should you include in your naming convention?

A.    For each mailbox database, provide a database name that is unique within the organization.
B.    For each mailbox database, provide a database name that is unique within the Mailbox server.
C.    For each mailbox database file, provide a file name that is unique within the organization.
D.    For each mailbox database file, provide a file name that is unique within the Mailbox server.

Answer: A

QUESTION 102
You have an Exchange Server organization that contains three servers that have Exchange Server 2013 installed and one server that has Exchange Server 2010 installed. You create the custom RBAC roles shown in the following table.

clip_image001
The Seattle help desk manages all of the users in an organizational unit (OU) named Seattle. The Miami help desk manages all of the users in an OU named Miami. The IT Administrators manage all of the users in the forest. You need to recommend which commands must be run to prevent only the members of both help desks from modifying the properties of users who have a department attribute value of Manager. Which three commands should you run? (Each correct answer presents part of the solution. Choose three.)

A.    new-managementscope “executive users exclusive scope”
-recipientrestrictionfilter { department -eq “manager” } -exclusive sorce
B.    new-managementroleassignment -name “managers” -securitygroup “managers”
-role “mail recipients” -exclusiverecipientwritescope “executive users exclusive scope”
C.    new-roleassignmentpolicy -name “limited end user policy” -roles “mypersonalinformation”.
D.    new-rolegroup -name “managers” -roles “mail recipients” -members admins
E.    new-rolegroup -name “help desk” -roles “mail recipients” -members admins

Answer: ABD
Explanation:
Note:
* (A) Use the New-ManagementScope cmdlet to create a regular or exclusive management scope. After you create a regular or exclusive scope, you need to associate the scope with a management role assignment.
To associate a scope with a role assignment, use the New- ManagementRoleAssignment cmdlet.
* (B) Use the New-ManagementRoleAssignment cmdlet to assign a management role to a management role group, management role assignment policy, user, or universal security group (USG).

QUESTION 103
You have an Exchange Server 2007 organization.
You recently deployed a server that has Exchange Server 2013 installed. The Exchange Server organization contains three servers. The servers are configured as shown in the following table.

clip_image001[4]
Server2 contains a mailbox for a user named User1. You move the mailbox of User1 to Server3. After the move, User1 fails to access his mailbox by using Outlook Web App. Users who have mailboxes on Server1 and Server2 can access their mailboxes by using Outlook Web Access. You need to ensure that User1 can access his mailbox from the Internet by using Outlook Web App at https://mail.contoso.com. The solution must ensure that users who have mailboxes on Server1 and Server2 can continue to use Outlook Web Access. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.    Export the certificate on Server1 and import the certificate to Server 3.
B.    On all of the Exchange servers, install a new certificate that contains the mail.contoso.com and
legacy.contoso.com names.
C.    Redirect all of the traffic from the Internet for mail.contoso.com to Server3.
D.    On all of the Exchange servers, install a new certificate that contains the Server1.contoso.com,
server2.contoso.com, server3.contoso.com, and legacy.contoso.com names.
E.    Create a host (A) record named legacy.contoso.com that points to Server1.

Answer: BCE

QUESTION 104
You host Exchange Server 2013 organizations for several hundred tenants. The infrastructure contains several custom transport agents. You need to prevent the transport agents from overloading the processors on one of the Exchange servers. Which cmdlet should you run?

A.    Set-WorkloadPolicy
B.    Set-ResourcePolicy
C.    Set-TransportAgent
D.    Set-ThrottlingPolicy

Answer: B

QUESTION 105
Drag and Drop Question
You have an Exchange Server 2013 organization that contains a server named EX1. You have a user named User1 in the marketing department. You need to prevent User1 from submitting more than 50 email messages per minute to the Exchange Server organization by using Microsoft Outlook.
Which three commands should you run?
To answer, move the three appropriate commands from the list of commands to the answer area and arrange them in the correct order.

clip_image002
Answer:
Box 1:

clip_image001[6]
Box 2:

clip_image001[8]
Box 3:

clip_image001[10]
Explanation:
Note:
Box 1:
* Use the New-ThrottlingPolicy cmdlet to create a non-default user throttling policy.
* The MessageRateLimit parameter specifies the number of messages per minute that can be submitted to transport.
Box 3:
* Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time.
/ parameter: ThrottlingPolicy
Microsoft.Exchange.Configuration.Tasks.ThrottlingPolicyIdParameter

QUESTION 106
Drag and Drop Question
You have an Exchange Server 2013 organization that contains four servers named EX1, EX2, EX3, and EX4. All of the servers are members of a database availability group (DAG) named DAG1. Each server has a copy of a mailbox database named DB1. DB1 has the following characteristics:
– The replay lag time on Ex4 is set to 14 days.
– Single item recovery on all of the servers is set to 14 days.
– None of the servers have Volume Shadow Copy Service (VSS) backups.
Ex4 has a folder named F:\RDB that is used to store database files during restore operations. Twenty days ago, a user named User1 deleted an email message that had a subject of “Sales Report”.
You need to restore the deleted email message to the mailbox of User1. You copy the lagged database and the log files that are older than 20 days to F:\RDB.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002[4]
Answer:

clip_image002[6]

QUESTION 107
Your company has three offices. Each office is configured as an Active Directory site. You have three servers that have Exchange Server 2013 installed named EX1, EX2 and EX3. All three servers have the Client Access server role and the Mailbox server role installed. The Active Directory site links and costs are configured as shown in the exhibit. (Click the Exhibit button.)

clip_image002[8]
Site B is designated as a hub site. EX2 fails. You discover that all email messages sent from the users in Site A to the users in Site C are queued on a server in Site A. You need to ensure that the email messages are sent to Site C as quickly as possible. What should you do first?

A.    Modify the Active Directory site link costs.
B.    Configure Site A as a hub site.
C.    Modify the Exchange-specific site link cost.
D.    Remove the hub site.

Answer: D

QUESTION 108
Your network contains an internal network and a perimeter network. The internal network contains four offices. The perimeter network is located in a separate office. Each internal office has a direct WAN link to all other internal offices. Each of the four offices that make up the internal network is configured as an Active Directory site. The Active Directory sites and site links are configured as shown in the exhibit. (Click the Exhibit button.)

clip_image001[12]
Your company has an Exchange Server 2013 organization. Each site contains two servers that have the Mailbox server role and the Client Access server role installed. To the perimeter network, you deploy two servers that have Exchange Server 2010 Service Pack 2 (SP2) and the Edge Transport server role installed. You configure an Edge Subscription to Site1. You deploy a new email notification application to Site4. The application will send 25,000 email messages daily to external recipients. You need to identify which WAN links will have increased traffic from the new email application. Which WAN link or links should you identify? (Each answer presents part of the solution. Choose all that apply.)

A.    The WAN link between Site4 and the perimeter network
B.    The WAN link between Site4 and Site3
C.    The WAN link between Site1 and the perimeter network
D.    The WAN link between Site4 and Site1
E.    The WAN link between Site4 and Site2

Answer: CE
Explanation:
C: the traffic will increase on the single WAN link on the perimeter network.
E: The traffic will increase between Site4 and Site2 since the cost of this link (5) plus the cost of the link between Site2 and Site1 (1) is lower the cost on the direct link between Site4 and Site1 (10).
Incorrect answers:
Not A: There is no WAN link between Site4 and the perimeter network. Not B: The cost of the WAN link between site3 and site3 is high (10). This path will not be chosen.
Not D: There is no WAN link between Site4 and Site1.

QUESTION 109
You have network contoso.com. contoso.com consist of AD DS Domain contoso.com. All Servers running Windows Server 2012 and all Clients running Windows 8 Pro. Server1 runs Mailbox Server Role and Client Access Server Role. You are configuring Anti-Spam Filtering on Server1. You need to ensure that all emails with words “Free Credit Check” are rejected unless the email is sent to Finance Distribution Group. You also need to ensure that all emails from partner company Domain name adatum.com bypass the Anti-Spam Filter. You run the Add-ContentFilterPhrase and add the words “Free Credit Check” What should you do next?

A.    Run the Set-TransportConfig and Set-ContentFilterConfig
B.    Run the Set-SenderReputationConfig and Set-TransportConfig
C.    Run the Set-ContentFilterConfig and Set-RecipientFilterConfig
D.    Run the Set-SenderFilterConfig and Set-RecipientFilterConfig

Answer: C
Explanation:
COURTESY OF DNS53 FROM UNITED STATES
NOT A
Set-TransportConfig not required in this scenario
Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole Exchange organization.
NOT B
Set-TransportConfig not required in this scenario
Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole Exchange organization.
Use the Set-SenderReputationConfig cmdlet to modify the sender reputation configuration on a Mailbox server or an Edge Transport server.
EXAMPLE 1
This example makes the following modifications to the sender reputation configuration:
It sets the sender reputation action to block all senders whose sender reputation level (SRL) rating exceeds the SRL threshold.
It sets the SRL blocking threshold to 6.
It sets the number of hours that senders are put on the blocked senders list to 36 hours.
Set-SenderReputationConfig -SenderBlockingEnabled $true -SrlBlockThreshold
6 – SenderBlockingPeriod 36
NOT D
Who sent the emails is not required in this scenario
Use the Set-SenderFilterConfig cmdlet to modify the Sender Filter agent configuration.
EXAMPLE 1
This example makes the following modifications to the Sender Filter agent configuration:
It enables blocking of blank senders.
It blocks messages from lucernepublishing.com and all subdomains. It adds user1@contoso.com and user2@contoso.com to the blocked senders list without affecting any existing entries.
Set-SenderFilterConfig -BlankSenderBlockingEnabled $true -BlockedDomainsAndSubdomains
lucernepublishing.com -BlockedSenders @{Add=”user1@contoso.com”,”user2@contoso.com”} C
Use the Set-ContentFilterConfig cmdlet to modify the content filter configuration on a Mailbox server or an Edge Transport server.
EXAMPLE 1
This example specifies the sender domain woodgrovebank.com as a bypassed domain. Messages received from that domain bypass the Content Filter agent. Set-ContentFilterConfig -BypassedSenderDomains woodgrovebank.com Use the Set-RecipientFilterConfig cmdlet to enable and configure the Recipient Filter agent.
EXAMPLE 2
This example makes the following changes to the Recipient Filter agent configuration:
Enables the Blocked Recipients list.
Adds two users to the Blocked Recipients list.
Set-RecipientFilterConfig -BlockListEnabled $true -BlockedRecipients
user1@contoso.com,user2@contoso.com

QUESTION 110
You are evaluating the implementation of a Database Availability Group (DAG). You need to recommend changes to the planned implementation to minimize the loss of large email messages if a single DAG member fails. What should you recommend changing?

A.    The preference of the mail exchanger (MX) records
B.    The duration of single item recovery
C.    The intervals of shadow redundancy
D.    The size of the transport dumpster

Answer: D
Explanation:
A database availability group (DAG) is the base component of the high availability and site resilience framework built into Microsoft Exchange Server 2013.
A DAG is a group of up to 16 Mailbox servers that hosts a set of databases and provides automatic databaselevel recovery from failures that affect individual servers or databases. A DAG is a boundary for mailbox database replication, database and server switchovers, failovers, and an internal component called Active Manager. Active Manager, which runs on every server in a DAG, manages switchovers and failovers.
NOT A
Not relevant to this scenario
NOT B
Not relevant to this scenario
Single item recovery provides an additional layer of protection so that you can recover items that were accidentally deleted by a user or by automated processes such as the Managed Folder Assistant.
Single item recovery simplifies recovery and reduces recovery time because you can recover items without recovering an entire mailbox or mailbox database from backup media. To learn more, see “Single item recovery” in Recoverable Items Folder.

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(91-100)!

QUESTION 91
Drag and Drop Question
You have an Exchange Server 2013 organization that contains a server named Server1. A user named User1 has an administrative assistant named Assistant1. A user named User2 has an administrative assistant named Assistant2.
You need to configure access to Outlook to meet the following requirements:
– Assistant1 must be able to send email messages as a User1.
– Assistant2 must be able to send email messages on behalf of User2.
Which cmdlets should you use? (To answer, drag the appropriate cmdlets to the correct requirements. Each cmdlet may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image002
Answer:

clip_image002[4]
Explanation:
Add-MailboxFolderPermission
Use the Add-MailboxFolderPermission cmdlet to manage folder-level permissions for all folders within a user’s mailbox.
For information about the parameter sets in the Syntax section below, see Syntax. This example assigns permissions for Ed to access Ayla’s Marketing mailbox folder and applies the Owner role to his access of that folder.
Add-MailboxFolderPermission -Identity ayla@contoso.com:\Marketing -User Ed@contoso.com ?AccessRights Owner
Add-MailboxPermission
Use the Add-MailboxPermission cmdlet to add permissions to a mailbox. This example grants Kevin Kelly full access to Terry Adams’s mailbox.
Note:
The Identity parameter requires the full name of the user to be enclosed in quotation marks (“). Add-MailboxPermission -Identity “Terry Adams” -User KevinKelly -AccessRights FullAccess ?InheritanceType
All
Add-ADPermission
Use the Add-ADPermission cmdlet to add permissions to an Active Directory object. This example grants Send As permissions for Aaron Painter to Terry Adams’s mailbox. Add-ADPermission -Identity “Terry Adams” -User AaronPainter -AccessRights ExtendedRight – ExtendedRights
“Send As” Send As rights is applied to Active directory object.
Set-Mailbox
Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time. To perform bulk management, you can pipeline the output of various Get- cmdlets (for example, the Get-Mailbox or Get-User cmdlets) and configure several mailboxes in a single-line command.
You can also use the Set-Mailbox cmdlet in scripts.
For information about the parameter sets in the Syntax section below, see Syntax. This example delivers John Woods’s email messages to John’s mailbox and also forwards them to Manuel Oliveira’s (manuel@contoso.com) mailbox.
Set-Mailbox -Identity John -DeliverToMailboxAndForward $true -ForwardingSMTPAddress manuel@contoso.com
Send on Behalf
The Send on Behalf permission allows a user to send email on behalf of the shared mailbox. For example, if
John logs into the shared mailbox Reception Building 32 and sends an email, it will appear to recipients as being sent by “John on behalf of Reception Building 32”. To grant Send on Behalf permissions, you must use the Exchange Management Shell. Use the Set- Mailbox cmdlet with the GrantSendonBehalf parameter.

QUESTION 92
Hotspot Question
You have an Exchange Server 2013 organization that contains 10 mailbox servers. You have a custom workload management policy named App1Policy. App1Policy is applied to three Mailbox servers. You deploy a new Mailbox server named EX11. You need to ensure that App1Policy is applied to EX11. Which command should you run? (To answer, configure the appropriate options in the answer area.)

clip_image002[6]
Answer:

clip_image002[8]
Explanation:
An Exchange workload is an Exchange Server feature, protocol, or service that’s been explicitly defined for the purposes of Exchange system resource management. Each Exchange workload consumes system resources such as CPU, mailbox database operations, or Active Directory requests to run user requests or background work. Examples of Exchange workloads include Outlook Web App, Exchange ActiveSync, mailbox migration, and mailbox assistants. There are two ways to manage Exchange workloads: by monitoring the health of system resources or by controlling how resources are consumed by individual users (sometimes called user throttling in Exchange 2010).
Managing workloads based on the health of system resources is new in Microsoft Exchange Server 2013. Controlling how resources are consumed by individual users was possible in Exchange Server 2010, and this capability has been expanded for Exchange Server 2013. You can customize the workload management settings if you want to change the default behavior of the feature for the needs of your environment.
SECTION1
Use the Set-ExchangeServer cmdlet to set Exchange attributes in Active Directory for a specified server.
(EX11)
Not a throttling policy
Scenario details a workload management policy
Use the Set-ResourcePolicy cmdlet to set the properties of a custom resource policy.
SECTION2
The Identity parameter specifies the GUID, distinguished name (DN), or name of the server.
Need EX11 as it is the name of the server
SECTION3
The WorkloadManagementPolicy parameter specifies the name of a workload management policy to apply in Active Directory. (App1Policy)
Not a throttling policy

QUESTION 93
Hotspot Question
You have an Exchange Server 2013 organization that contains two distribution groups named Groupl and Group2.
You need to prevent the members of Groupl and Group2 from communicating with each other by using email, unless the email messages contain the string Press Release in the subject. Users whose email messages are rejected must receive a non-delivery report (NDR) that contains a status code of 5.7.3.
Which command should you run? (To answer, configure the appropriate options in the answer area.)

clip_image002[10]
Answer:

clip_image002[12]

QUESTION 94
You have an Exchange Server 2013 organization named for A.Datum Inc. A user named User1 is a member of the Domain Admins group. User1 fails to synchronize a new Windows Phone device by using Exchange ActiveSync and receives an HTTP 500 error message. User1 successfully logs on to Outlook Web App and Outlook Anywhere. You need to ensure that User1 can synchronize the new Windows Phone device by using Exchange ActiveSync. Which two tasks should you perform? (Each correct answer presents a complete solution. Choose two.)

A.    Disable permission inheritance on the User1 user account.
B.    Enable permission inheritance on the User1 user account.
C.    Install a trusted root certificate on the Windows Phone device.
D.    Create a new mobile device mailbox policy.
E.    Modify the Exchange ActiveSync policy that applies to User1’s mailbox.

Answer: BE
Explanation:
HTTP 500 ERROR MESSAGE
The Web server (running the Web Site) encountered an unexpected condition that prevented it from fulfilling the request by the client (e.g. your Web browser or our CheckUpDown robot) for access to the requested URL.
B
Simply check include inheritable permissions from this object’s parent.
INHERITABLE PERMISSIONS
NOT A
Need to enable permission inheritance on the User1 user account not disable it NOT C
This solution will fix a different error. (Error 80072F0D) error This error can occur when the root certificate authority that generated the SSL certificate being used by the Exchange server is not trusted by the Windows Phone device.
This will commonly occur with Exchange servers that are still configured to use a self-signed certificate, or that have a certificate issued from a private CA.
NOT D
No need to create a new policy but need to modify the existing policy

clip_image001
E
It appears that Exchange ActiveSync for User 1’s mailbox may not be enabled.
Use the EAC to enable or disable Exchange ActiveSync
In the EAC, navigate to Recipients > Mailboxes.
In the list of user mailboxes, click the mailbox that you want to enable or disable Exchange ActiveSync for, and then click Edit.
On the mailbox properties page, click Mailbox Features.
Under Mobile Devices, do one of the following:
To disable Exchange ActiveSync click Disable Exchange ActiveSync. A warning appears asking if you’re sure you want to disable Exchange ActiveSync. Click Yes. To enable Exchange ActiveSync, click Enable Exchange ActiveSync.
Click Save to save your change.
Exchange ActiveSync mailbox policies control how users use and synchronize their mobile devices in your organization.
When you change an Exchange ActiveSync device policy, it affects all users whose mailbox is associated with that policy. The policy you set as the default automatically affects all users in the organization except those you have explicitly assigned different device policies to. Not all mobile devices support all the Exchange ActiveSync policy settings. If a policy setting isn’t supported on a particular device, the device may not apply the setting. You can control whether devices that don’t support specific policies are allowed to connect in the General settings for the policy.

clip_image002[14]

QUESTION 95
Your company has a main office and a branch office. You have an Exchange Server 2013 organization. The company recently built a new meeting room in the branch office. You need to ensure that the meeting room is available by using the Room Finder feature in Microsoft Outlook.
Which cmdlet should you run?

A.    Set-MailboxCalendarConfiguration
B.    New-Mailbox
C.    Set-CalendarProcessing
D.    New RemoteMailbox

Answer: B
Explanation:
New-Mailbox
Create a new Room Mailbox to schedule meetings in conference rooms, auditoriums, labs or other facilities
New-Mailbox -Name <Room Name> –Room

clip_image002[16]

clip_image001[4]

NOT A
Use the New-RemoteMailbox cmdlet to create a mail-enabled user in the on-premises Active Directory and also create an associated mailbox in the cloud-based service.
Not designed for room mailboxes.
NOT C
Use the Set-MailboxCalendarConfiguration cmdlet to apply calendar settings for users using Microsoft Office Outlook Web App calendars.
NOT D
Use the Set-CalendarProcessing cmdlet to modify calendar-related processing configuration properties for the target mailbox, which include Calendar Attendant, resource booking assistant, and calendar configuration.
B New-Mailbox
Create a new Room Mailbox to schedule meetings in conference rooms, auditoriums, labs or other facilities Create new Room Mailbox
PowerShell command syntax:
New-Mailbox -Name <Room Name> -Room
Example:
New-MailBox -Name FL-ROOM1 -Room
A Look at Exchange Server 2013 Resource Mailboxes
http://exchangeserverpro.com/exchange-server-2013-room-equipment-mailboxes/
Resource mailboxes have been around for a few versions of Exchange Server, and Exchange Server 2013 brings us a few improvements in how they are managed.
There are two types of resource mailboxes:
Room mailboxes are for fixed locations such as meeting rooms or conference facilities Equipment mailboxes are for items that are not fixed to a location, such as laptops or vehicles Exchange 2013 puts resource mailboxes under their own section of the Exchange Administration Center. Both room and equipment mailboxes are managed in this same section.

clip_image001[6]
One of the immediate improvements is that you are able to set the booking policy or assign delegates during the creation of the resource mailbox, rather than as a secondary task after the mailbox is created.

clip_image001[8]

After the mailbox has been created there are a few additional properties you can customize. The booking options can be further tuned with regards to recurring meetings, booking horizon, and custom replies.

clip_image001[10]
You can also easily configure a MailTip for the resource mailbox.

clip_image001[12]
The text that you place in the MailTip will appear automatically when people add the room or resource mailbox to a meeting request in Outlook. Although in my opinion the MailTip needs some color to draw the person’s attention to it.

clip_image001[14]
Finally, an interesting default setting is the disabling of email address policies. This does make sense as most resource mailboxes are for internal use only, so having email address policies assigning multiple SMTP addresses to resource mailboxes is usually not necessary.

clip_image001[16]
Overall it appears that room and resource mailboxes are a feature that has matured over the previous versions of Exchange Server and now receive just a few minor improvements to make them simpler to manage.

QUESTION 96
Drag and Drop Question
You have an Exchange Server 2013 organization that contains five servers. Several employees plan to use Microsoft Outlook to collaborate on some projects. You need to configure access to Outlook to meet the following requirements:
– Several employees must be able to open only the Inbox of a user named Userl.
– Several employees must be able to copy email messages from any folder in the mailbox of a user named User2.
– Several employees must be able to create only contacts in the mailbox of a user named User3.
Which cmdlets should you use?
To answer, drag the appropriate cmdlet to the correct requirement in the answer area. Each cmdlet may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.

clip_image002[18]
Answer:

clip_image002[20]
Explanation:
Add-MailboxFolderPermission
Use the Add-MailboxFolderPermission cmdlet to manage folder-level permissions for all folders within a user’s mailbox.
EXAMPLE 1
This example assigns permissions for Ed to access Ayla’s Marketing mailbox folder and applies the Owner role to his access of that folder.
Add-MailboxFolderPermission -Identity ayla@contoso.com:\Marketing -User
Ed@contoso.com ?AccessRights Owner
Add-MailboxPermission
Use the Add-MailboxPermission cmdlet to add permissions to a mailbox.
EXAMPLE 1
This example grants Kevin Kelly full access to Terry Adams’s mailbox.
Note:
The Identity parameter requires the full name of the user to be enclosed in quotation marks (“). Add-MailboxPermission -Identity “Terry Adams” -User KevinKelly -AccessRights FullAccess ?InheritanceType
All
Set-Mailbox
Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time. To perform bulk management, you can pipeline the output of various Get- cmdlets (for example, the Get-Mailbox or Get-User cmdlets) and configure several mailboxes in a single-line command.
You can also use the Set-Mailbox cmdlet in scripts.
EXAMPLE 1
This example delivers John Woods’s email messages to John’s mailbox and also forwards them to Manuel Oliveira’s (manuel@contoso.com) mailbox.
Set-Mailbox -Identity John -DeliverToMailboxAndForward $true -ForwardingSMTPAddress manuel@contoso.com
STEPS
1. Use the Add-MailboxFolderPermission cmdlet to manage folder-level permissions for all folders within a user’s mailbox.
2. Use the Add-MailboxPermission cmdlet to add permissions to a mailbox.
3. Use the Add-MailboxFolderPermission cmdlet to manage folder-level permissions for all folders within a user’s mailbox.

QUESTION 97
Hotspot Question
You are planning to implement several servers on virtual machines. The servers have Exchange Server 2013 installed.
The planned implementation must meet the following requirements:
– Minimize the amount of overhead required for the virtualization solution.
– Minimize the risk of data corruption for the Exchange Server databases.
You need to recommend a storage solution for the Exchange databases and a backup and recovery solution for the planned servers. Which solutions should you recommend? To answer, select the appropriate solutions in the answer area.

clip_image001[18]
Answer:

clip_image002[22]

QUESTION 98
Your network contains an Active Directory forest. The forest contains a single domain named contoso.com. You have an Exchange Server 2013 organization named Contoso. You plan to create an additional SMTP domain named sales.contoso.com. You will use sales.contoso.com as the primary SMTP address for the users in the sales department. You create a new email address policy and apply the policy to the sales users. New sales users report that when they attempt to access their email from the Internet for the first time by using Microsoft Outlook 2010, they fail to connect. The sales users connect to their mailbox internally successfully by using Outlook 2010. All other users can connect to their mailbox from the Internet and internally. You need to ensure that the new sales users can connect to the Exchange Server 2013 organization by using Outlook Anywhere from the Internet. Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two.)

A.    Modify each existing Service Connection Point (5CP) object in Active Directory to point to auto
discover.sales.contoso.com.
B.    From DNS Manager, create a host (A) record for autodiscover.sales.contoso.com.
C.    On the Client Access servers, deploy a new certificate that includes the autodiscover.sales.contoso.com
name.
D.    Create a new Autodiscover virtual directory on the Client Access servers and configure ExternalURL
to use autodiscover.sales.contoso.com.
E.    Create a new Service Connection Point (SCP) object in Active Directory that points to auto
discover.sales.contoso.com.

Answer: BC
Explanation:
* Externally connected clients are different, because they can’t lookup the SCP in Active Directory from outside of the network. These clients might be roaming laptop users with Outlook, or they might be ActiveSync capable smartphones such as iPhones. In either case they will attempt to connect to Autodiscover by performing a DNS lookup for “autodiscover.smtpdomainname”.
* You need the “autodiscover.smtpdomainname” name in the Exchange 2013 SSL certificate. (C)
* You will only need an autodiscover name for each SMTP domain that a user is likely to enter as their email address. (B)

QUESTION 99
You have an Exchange Server 2013 organization named Contoso. The organization contains a server named Server1 that has Exchange Server 2013 installed. Server1 has the Mailbox server role and the Client Access server role installed. Server1 has a Send connector for a partner company. The Send connector is configured for Domain Security with a domain named adatum.com. The only certificate installed on Server1 expires. You discover that all email messages sent to adatum.com remain in the queue on Server1. On Server1, you install a new certificate from a trusted third-party. You need to ensure that the email messages are delivered to adatum.com. What should you do?

A.    Assign the new certificate to the IIS service.
B.    Send the new certificate to the administrator at adatum.com.
C.    Assign the new certificate to the SMTP service.
D.    Create a new send connector that contains an address space to adatum.com.

Answer: C
Explanation:
* The Enable-ExchangeCertificate cmdlet enables certificates when it updates the metadata that is stored with the certificate. To enable an existing certificate to work with different services, run the Enable-ExchangeCertificate command and specify the services that you want to enable. You can rerun this cmdlet if you want to add new services that use the certificate. When you enable a certificate for the Simple Mail Transfer Protocol (SMTP) service and the certificate contains a FQDN that matches the FQDN of the local computer, the certificate may be published to the Active Directory directory service.

QUESTION 100
Your network contains an Active Directory forest named contoso.com. The forest contains an enterprise root certification authority (CA) named CA1. The network contains a server named EX1 that has Exchange Server 2013 installed. A partner company named A . Datum Corporation has an Active Directory domain named adatum.com. The domain contains a server named EX5 that has Exchange Server 2010 Service Pack 2 (SP2) installed. EX5 has a Receive connector that is configured for mutual TLS. Users in contoso.com plan to send email messages that contain sensitive data to users in adatum.com. You need to ensure that all of the email messages sent from contoso.com to adatum.com are encrypted by using TLS. The solution must ensure that EX1 and EX5 validate server certificates. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.    Run the set-transportconfig -tlssenddomainsecurelist contoso.com command.
B.    Install a certificate, and then assign the certificate to the IIS service. Send the root certificate for
contoso.com to the administrators in adatum.com.
C.    Run the New-SendConnector cmdlet and specify the domainsecureenabled parameter.
D.    Run the New-SendConnector cmdlet and specify the tlsdomainparameter.
E.    Run the set-transportconfig -tlssenddomainsecurelist adatum.com command.
F.    Install a certificate, and then assign the certificate to the SMTP service. Send the root certificate for
contoso.com to the administrators in adatum.com.

Answer: ACF

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(81-90)!

QUESTION 81
Your company has offices in Miami, Singapore and Montreal. An Active Directory site exists for each office. You have an Exchange Server 2013 organization that contains a server in each site. Each server has the Mailbox server role and the Client Access Server role installed. All users connect to the Miami servers to retrieve the public folder hierarchy. You need to create several public folders on the server in the Singapore office to meet the following requirements:
– Ensure that the public folders are available if a single Mailbox server fails.
– Ensure that the users in the Singapore office connect to their local server to retrieve the public folder hierarchy.
Which actions should you perform? (Each correct answer presents part of the solution. Choose all that apply.)

A.    Create a new public folder mailbox.
B.    Create a new public folder database.
C.    For each public folder mailbox, run the Set-Mailbox cmdlet and specify the – defaultpublicfoldermailbox
parameter.
D.    Run the Add-MailboxDatabaseCopy cmdlet.
E.    For each mailbox in the Singapore office, run the Set-Mailbox cmdlet and specify the – defaultpublicfolder
mailbox parameter.
F.    Run the Set-PublicFolderDatabase cmdlet.

Answer: ACD
Explanation:
NOT B
In Exchange 2013, public folders were re-engineered using mailbox infrastructure to take advantage of the existing high availability and storage technologies of the mailbox database.
Public folder architecture uses specially designed mailboxes to store both the public folder hierarchy and the content. This also means that there’s no longer a public folder database
There is no database-level setting in Exchange 2013. Exchange 2013 has a mailbox-level ability to specify the public folder mailbox, but by default Exchange auto-calculates the per-user hierarchy mailbox.
NOT E
http://technet.microsoft.com/en-us/library/aa997225(v=exchg.141).aspx
Use the Set-PublicFolderDatabase cmdlet to set attributes of public folder databases (Exchange Server 2010)
There’s no longer a public folder database in Exchange Server 2013.
There is no database-level setting in Exchange 2013. Exchange 2013 has a mailbox-level ability to specify the public folder mailbox, but by default Exchange auto-calculates the per-user hierarchy mailbox.
NOT F
Need to set it in the Singapore Office.
Miami users still use the Miami servers to connect to the public folder hiearchy.
A
Need to create a public folder mailbox in the Singapore office.
Public folder architecture uses specially designed mailboxes to store both the public folder hierarchy and the content. This also means that there’s no longer a public folder database
C
Use the Add-MailboxDatabaseCopy cmdlet to create a passive copy of an existing active mailbox database.
The specified Mailbox server must be in the same database availability group (DAG), and the DAG must have quorum and be healthy.
D
Use the Set-MailboxServer cmdlet to modify attributes on a computer running Microsoft Exchange Server 2013 with the Mailbox server role installed.
In Exchange 2007 and Exchange 2010, you could specify which users had access to specific public folders. In Exchange 2013, you can set the default public folder mailbox per user. To do so, run the Set-Mailbox cmdlet with the DefaultPublicFolderMailbox parameter.
This ensures that the users in the Singapore office connect to their local server to retrieve the public folder hierarchy.

QUESTION 82
Drag and Drop Question
Your company plans to deploy an Exchange Server 2013 organization. The network contains an Active Directory forest. The forest contains two domains named contoso.com and child.contoso.com. The forest contains one Active Directory site. To contoso.com, you plan to deploy two servers that have Exchange Server 2013 installed. To child.contoso.com, you plan to deploy two servers that have Exchange Server 2013 installed. To the contoso.com domain, you deploy a new member server named Server1 that runs Windows Server 2012. You need to prepare the forest for the planned deployment of Exchange Server 2013. Which three commands should you run from Server1?
To answer, move the three appropriate commands from the list of commands to the answer area and arrange them in the correct order.

clip_image002
Answer:

clip_image002[4]

QUESTION 83
You have an Exchange Server 2013 organization. You need to ensure that an administrator named Admin1 receives a daily email message that contains a log of all the Exchange Server administrative actions. Which cmdlet should you use in a scheduled task?

A.    Set-AdminAuditLogConfig
B.    Write-AdminAuditLog
C.    New-AdminAuditLogSearch
D.    Search-AdminAuditLog

Answer: C

QUESTION 84
Drag and Drop Question
Your network contains four servers. The servers are configured as shown in the following table.

clip_image001
You create a new user account for a temporary user named User1. You plan to create a new mailbox for User1. You need to recommend which actions must be performed to ensure that User1 can modify only the values of his home phone number attribute and his office location attribute. In which order should you perform the actions?
To answer, move all actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002[6]
Answer:

clip_image002[8]

QUESTION 85
Drag and Drop Question
You need to recommend to a solution to deploy the Outlook app. Which three actions should you recommend performing in sequence?

clip_image002[10]
Answer:

clip_image002[12]

QUESTION 86
Hotspot Question
You need to recommend a solution to meet the business requirements for users accessing their email messages.
Which command should you include in the recommendation? (To answer, select the appropriate options in the answer area.)

clip_image002[14]
Answer:

clip_image002[18]

QUESTION 87
Drag and Drop Question
You are evaluating the planned deployment of the additional Exchange Server 2013 servers. You need to meet the technical requirement for installing all of the anti-spam agents and for enabling antimalware filtering.
What should you do? (To answer, drag the appropriate servers to the correct locations. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image001[4]
Answer:

clip_image001[6]

QUESTION 88
Your company, Fabrikam Inc., has an Exchange Server 2013 organization. The organization that contains three servers named Server1, Server2, and Server3. Server1 and Server2 are members of a database availability group (DAG) named DAG1. DAG1 contains two mailbox databases. All databases are active on Server1 and replicate to Server2. You start an unplanned maintenance on Server1 and shut down Server1. You discover that the databases
do not mount on Server2. You restart Server1 and the databases mount automatically on Server1. You need to identify what prevents the databases from switching over successfully to Server2. Which cmdlet should you run?

A.    Test-ReplicationHealth
B.    Test-OutlookConnectivity
C.    Test-ServiceHealth
D.    Get-AvailabilityReportOutage

Answer: A
Explanation:
cmdlet is designed for the proactive monitoring of continuous replication and the continuous replication pipeline, the availability of Active Manager, and the health and status of the underlying cluster service, quorum, and network components. The Test-ReplicationHealth cmdlet can be run locally or remotely against any Mailbox server in a DAG.
NOT B
Test-OutlookConnectivity
Use the Test-OutlookConnectivity cmdlet to test end-to-end Microsoft Outlook client connectivity in the Microsoft Exchange Server 2013 organization. This includes testing for Outlook Anywhere (RPC/HTTP) connections.
EXAMPLE 1
This example runs a protocol test from the Mailbox server. Test-OutlookConnectivity -ProbeIdentity “OutlookSelfTestProbe” NOT C
Use the Test-ServiceHealth cmdlet to test whether all the Microsoft Windows services that Exchange requires on a server have started.
The Test-ServiceHealth cmdlet returns an error for any service required by a configured role when the service is set to start automatically and isn’t currently running.
EXAMPLE 1
This example uses the Test-ServiceHealth command without parameters to test the services on the local server.
Test-ServiceHealth
NOT D
Use the Get-AvailabilityReportOutage cmdlet to return the daily downtime (if any) for each service entity and its overridden value (if set) to the overall reported availability for the day. For information about the parameter sets in the Syntax section below, see Syntax. This example returns all outages that occurred the previous day. This cmdlet always returns outages for one day.
Get-AvailabilityReportOutage

QUESTION 89
You have an Exchange Server 2010 organization named adatum.com. You deploy a server that has Exchange Server 2013 installed. You plan to install eight additional servers that have Exchange Server 2013 installed. You are a member of the Organization Management management role group. You hire a temporary Exchange administrator named Temp1. The company’s security policy states that all external consultants must have the minimum number of required permissions on the network. You need to ensure that Temp1 can install a server named Server5. The solution must meet the requirements of the security policy.
Which two tasks should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Run setup and specify the /newprovisionedserver:Server5 parameter.
B.    Add Temp1 to the Delegated Setup management role group.
C.    Add Temp1 to the Exchange Server role group.
D.    Create a new management role and a new role assignment policy.
E.    Run setup and specify the /roles:temp1 parameter

Answer: AB
Explanation:
NOT C
Unable to install a server given this management role
The Exchange Servers management role enables administrators to do the following on individual servers:
Add and remove database availability groups and configure database copies Enable, disable and configure Unified Messaging services Modify transport configuration on Mailbox and Client Access servers Enable and disable Microsoft Outlook Anywhere on Client Access servers Modify Mailbox and Client Access server configuration
Modify Outlook Anywhere configuration on Client Access servers Modify content filtering configuration on Mailbox servers Modify general Exchange server configuration
Modify server monitoring configuration
View the configuration for each server role
This management role is one of several built-in roles in the Role Based Access Control (RBAC) permissions model in Microsoft Exchange Server 2013. Management roles, which are assigned to one or more management role groups, management role assignment policies, users, or universal security groups (USG), act as a logical grouping of cmdlets or scripts that are combined to provide access to view or modify the configuration of Exchange 2013 components, such as mailbox databases, transport rules, and recipients. If a cmdlet or script and its parameters, together called a management role entry, are included on a role, that cmdlet or script and its parameters can be run by those assigned the role. For more information about management roles and management role entries, see Understanding Management Roles.
NOT D
No need to create a new management role
NOT E
Need to use the /NewProvisionedServer parameter setup /roles command is OK for exchange 2007 With temp1 appears to be an invalid command and not applicable to exchange 2013 A
To delegate setup, you must first run Setup.com from a Command Prompt window with the / NewProvisionedServer parameter.
This will not install Exchange on the server, but instead will create a placeholder object for the server in Active Directory and will add the machine account for this server to the Exchange Servers group.
B
Need to Add Temp1 to the Delegated Setup management role group.
Delegated Setup management role group
The Delegated Setup management role group is one of several built-in role groups that make up the Role Based Access Control (RBAC) permissions model in Microsoft Exchange Server 2013. Role groups are assigned one or more management roles that contain the permissions required to perform a given set of tasks. The members of a role group are granted access to the management roles assigned to the role group. For more information about role groups, see Understanding Management Role Groups.
Administrators who are members of the Delegated Setup role group can deploy servers running Exchange 2013 that have been previously provisioned by a member of the Organization Management role group.
Members of the Delegated Setup role group can only deploy Exchange 2013 servers. They can’t manage the server after it’s been deployed.
To manage a server after it’s been deployed, a user must be a member of the Server Management role group.
For more information about RBAC, see Understanding Role Based Access Control.

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(71-80)!

QUESTION 71
Hotspot Question
You discover that one of the Client Access servers in the New York office does not trust the standalone CA. You need to ensure that all of the users who have Windows Phone devices can connect successfully to their mailbox. In which node should you install the root CA certificate? To answer, select the appropriate node in the answer area.

clip_image001
Answer:

clip_image001[4]

QUESTION 72
You have an Exchange Server 2013 organization that contains five servers. All users connect to their mailbox by using a mobile device. All of the users in the finance department are in an organizational unit (OU) named OU1. You need to prevent the finance users from accessing the extended storage on their mobile device. What should you do?

A.    Create a new mobile device mailbox policy, and then run the Set-CasMailbox cmdlet.
B.    Create a new device access rule, and then run the Set-Mailbox cmdlet.
C.    Create a new mobile device mailbox policy, and then run the Set-Mailbox cmdlet.
D.    Create a new device access rule, and then run the Set-CasMailbox cmdlet.

Answer: A
Explanation:
Set-CASMailbox cmdlet
Use the Set-CASMailbox cmdlet to set attributes related to client access for Microsoft Exchange ActiveSync, Microsoft Office Outlook Web App, POP3, and IMAP4 for a specified user. The Set-CASMailbox cmdlet operates on one mailbox at a time. You can configure properties for Outlook Web App, Exchange ActiveSync, POP3, and IMAP4 by using this cmdlet. You can configure a single property or multiple properties by using one statement.
Set-Mailbox cmdlet.
Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time.
Mobile device mailbox policy
In Microsoft Exchange Server 2013, you can create mobile device mailbox policies to apply a common set of policies or security settings to a collection of users. After you deploy Exchange ActiveSync in your Exchange 2013 organization, you can create new mobile device mailbox policies or modify existing policies. When you install Exchange 2013, a default mobile device mailbox policy is created. All users are automatically assigned this default mobile device mailbox policy.
Device access rule
Use device access rules to allow users to synchronize their mailboxes with specific mobile device families or models.
NOT B C
Use the Set-CASMailbox cmdlet to set attributes related to client access for Microsoft Exchange ActiveSync, Microsoft Office Outlook Web App, POP3, and IMAP4 for a specified user.
NOT D
In Microsoft Exchange Server 2013, you can create mobile device mailbox policies to apply a common set of policies or security settings to a collection of users

QUESTION 73
You have an Exchange Server 2013 server that has a single mailbox database named DB1. You need to move the transaction log files of DB1. Which cmdlet should you run?

A.    Move-DatabasePath
B.    Move-Mailbox
C.    Set-ExchangeServer
D.    Set-MailboxDatabase

Answer: A

QUESTION 74
You have an Exchange Server 2013 organization named contoso.com.
Your company is Investigating a user named User1. You need to prevent User1 from permanently deleting the items in his mailbox.
What should you run?

A.    Set-Mailbox User1 -LitigationHoldEnabled $true
B.    Set-Mailbox User1 -ModerationEnabled $true
C.    Set-Mailbox User1 -RetainDeletedItemsUntilBackup $true
D.    Set-Mailbox User1 -RetentionHoldEnabled $true

Answer: A

QUESTION 75
You have an Exchange 2013 organization. You have an administrative user named Admin1. You need to ensure that Admin1 can move mailboxes in the organization. The solution must assign the minimum amount of permissions to Admin1. What should you do?

A.    Create a local move request.
B.    Create a custom Management role. Assign the role to Admin1.
C.    Add Admin1 to the Organization Management role group.
D.    Add Admin1 to the Recipient Management security group.

Answer: B

QUESTION 76
Hotspot Question
Your company has two offices. The offices are configured as shown in the following table.

clip_image001[6]
The offices connect to each other by using a WAN link that has a latency of more than 700 ms. You plan to deploy an Exchange Server 2013 organization to meet the following requirements:
– Ensure that users can access their mailbox if the WAN link fails.
– Ensure that users can access their mailbox if a single server fails.
– Ensure that users can access their mailbox if a single database fails.
You recommend deploying one or more database availability groups (DAGs) and mailbox database copies. You need to identify which design meets the requirements for the planned deployment.
Which design should you identify?
To answer, select the appropriate design in the answer area.

clip_image001[8]
Answer:

clip_image001[10]
Explanation:
File Share Witness
The file share witness is used to establish a majority node set. This is done by create a share on a server that gets a little file place into it automatically. The server hosting the cluster resource (which in the DAG I think is the Primary Activation Manager server) keeps an open file lock on this file.
The other servers see this open file lock and interpret this as meaning another cluster node is online, healthy, and available.
A file share witness is used when the DAG contains an even number of servers within it. When you initially create the DAG you must specify the server and file location that will act as the file share witness regardless of how many servers are in the DAG (0 to start) to ensure that if you do add an even number of DAG members the FSW will be properly used.
Database Availability Group
A database availability group (DAG) is a set of up to 16 Microsoft Exchange Server 2013 Mailbox servers that provide automatic database-level recovery from a database, server, or network failure. When a Mailbox server is added to a DAG, it works with the other servers in the DAG to provide automatic, database-level recovery from database, server, and network failures. DAGs use continuous replication and a subset of Windows failover clustering technologies to provide high availability and site resilience.
Mailbox servers in a DAG monitor each other for failures. When a Mailbox server is added to a DAG, it works with the other servers in the DAG to provide automatic, database-level recovery from database failures.
When you create a DAG, it’s initially empty, and a directory object is created in Active Directory that represents the DAG. The directory object is used to store relevant information about the DAG, such as server membership information. When you add the first server to a DAG, a failover cluster is automatically created for the DAG. In addition, the infrastructure that monitors the servers for network or server failures is initiated. The failover cluster heartbeat mechanism and cluster database are then used to track and manage information about the DAG that can change quickly, such as database mount status, replication status, and last mounted location. Witness server and witness directory The witness server is a server outside the DAG that acts as a quorum voter when the DAG contains an even number of members. The witness directory is a directory created and shared on the witness server for use by the system in maintaining a quorum.
Lagged copy of a mailbox database
A Lagged Mailbox Database Copy is a mailbox database copy configured with a replay lag time value greater than 0.
A lagged database copy is one that is not updated by replaying transactions as they become available.
Instead, the transaction logs are kept for a certain period and are then replayed. The lagged database copy is therefore maintained at a certain remove to the active database and the other non-lagged database copies. If you are planning to have more than two passive database copies of a database, think about a lagged copy also as an additional protection against unpredicted situations Lagged copies aren’t considered highly available copies. Instead, they are designed for disaster recovery purposes, to protect against store logical corruption. The greater the replay lag time set, the longer the database recovery process. Depending on the number of log files that need to replayed during recovery, and the speed at which your hardware can replay them, it may take several hours or more to recover a database.

clip_image001[12]
The above configuration provides a symmetrical design. All four servers have the same four databases all hosted on a single disk per server.
The key is that the number of copies of each database that you have should be equal to the number of database copies per disk.
In the above example, there are four copies of each database: one active copy, two passive copies, and one lagged copy. Because there are four copies of each database, the proper configuration is one that has four copies per volume. In addition, activation preference is configured so that it’s balanced across the DAG and across each server.
For example, the active copy will have an activation preference value of 1, the first passive copy will have an activation preference value of 2, the second passive copy will have an activation preference value of 3, and the lagged copy will have an activation preference value of 4.
Lagged mailbox database copy
A passive mailbox database copy that has a log replay lag time greater than zero.
Crossed Lines
DAG Replication 1 and 2
Circled Areas
Site 1 and Site 2 (or DataCenter1 and DataCenter2)
WAN LINK between Site1 and Site2
High Availability with Site Resiliency Exchange 2010 Example
http://jaworskiblog.com/2011/05/17/exchange-2010-design-principles-for-high-availability-and-site- resiliency/
FSW is the File Share Witness

clip_image001[14]

clip_image002

ASIDE
Windows NLB is not supported across sites.
It is not recommended to use an HLB to load balance across sites. PICTURE1 OFFERS THE BEST DESIGN IN ORDER TO MEET THE SPECIFIED CRITERIA.
MORE FAULTS WITH THE OTHERS.
PICTURE1 HOWEVER DOES NOT OFFER SITE RESILIENCY.
– Ensure that users can access their mailbox if the WAN link fails.
– Ensure that users can access their mailbox if a single server fails.
– Ensure that users can access their mailbox if a single database fails.
Picture1
The DAG is NOT extended across multiple data centers in a site resilience configuration.
The design offers high availability within each site.
However if a node fails or the wan link fails the respective file share witness for each DAG is still available unlike the other 3 configurations.
Picture2
The DAG is extended across multiple data centers in a site resilience configuration.
No high availability within each site.
If the wan link is unavailable the file share witness for Site2 would be unavailable This is a split brain scenario, both sites believe that they are the rightful owner of the database, and thus would mount their respective DB’s. This would cause a divergence in data. Email could be sent to either database leaving to a difference between the databases on the respective mailbox servers.
Picture3
The DAG is extended across multiple data centers in a site resilience configuration. FSW on Site2 in the event of a wan failure means that the servers cannot contact a FSW Even number of nodes on the respective site with an inability to contact the FSW. This is a split brain scenario, both sites believe that they are the rightful owner of the database, and thus would mount their respective DB’s. This would cause a divergence in data. Email could be sent to either database leaving to a difference between the databases on the respective mailbox servers.
A file share witness is used when the DAG contains an even number of servers within it. A Node Majority quorum model is used for DAGs with an odd number of members. A Node and File Share Majority quorum is used for DAGs with an even number of members.
The DAG needs to be able to make Quorum.
When 1 node fails in Site1 and the wan link is down,1 out of 2 nodes left is not a majority. Need to be able to connect to the file share witness to obtain a majority.
Picture4
1 DAG across both sites provides site resiliency but FSW on Site1 in the event of a wan failure means that the servers cannot contact a FSW A file share witness is used when the DAG contains an even number of servers within it.
Even number of nodes on the respective site with an inability to contact the FSW. This is a split brain scenario, both sites believe that they are the rightful owner of the database, and thus would mount their respective DB’s. This would cause a divergence in data. Email could be sent to either database leaving to a difference between the databases on the respective mailbox servers.
A file share witness is used when the DAG contains an even number of servers within it. A Node Majority quorum model is used for DAGs with an odd number of members. A Node and File Share Majority quorum is used for DAGs with an even number of members.

QUESTION 77
You deploy a server that has the Exchange Server 2013 Mailbox server role and Client Access server role installed. You need to configure anti-spam to meet the following requirements:
– Email messages sent from the Internet to a distribution list named Executives must be rejected.
– Email messages that contain the words casino and jackpot must be rejected, unless they were sent to legal@contoso.com.
Which three cmdlets should you run? (Each correct answer presents part of the solution. Choose three.)

A.    Add ContentFilterPhrase
B.    Set-ContentFilterConfig
C.    Set-TransportConfig
D.    Set-SenderReputationConfig
E.    Set-RecipientFilterConfig

Answer: ABE
Explanation:
NOT C
Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole Exchange organization.
This example configures the Exchange organization to redirect all journaling reports that can’t be delivered to the journaling mailbox to the email account journalingndr@contoso.com.
Set-TransportConfig -JournalingReportNdrTo journalingndr@contoso.com
NOT D
Use the Set-SenderReputationConfig cmdlet to modify the sender reputation configuration on a Mailbox server or an Edge Transport server.
Sender reputation is part of the Exchange anti-spam functionality that blocks messages according to many characteristics of the sender.
Sender reputation relies on persisted data about the sender to determine what action, if any, to take on an inbound message. The Protocol Analysis agent is the underlying agent for sender reputation functionality.
When you configure anti-spam agents on an Exchange server, the agents act on messages cumulatively to reduce the number of unsolicited messages that enter the organization.

QUESTION 78
Your company named Contoso, Ltd., has an Exchange Server 2013 organization named contoso.com. The network contains an Active Directory domain. The domain contains an organizational unit (OU) named SalesOU. SalesOU contains two users named User1 and User2. Contoso purchases a domain name adatum.com. You need to change the primary SMTP address of all the users in SalesOU to use the SMTP suffix of adatum.com. The solution must not remove the contoso.com email address. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    Create a new email address policy and apply the policy to the users in SalesOU.
B.    Change the default email address policy to include adatum.com.
C.    Create a new remote domain for adatum.com.
D.    Create a new accepted domain for adatum.com and set the domain type to Authoritative Domain.
E.    Create a new accepted domain for adatum.com and set the domain type to External RelayDomain.

Answer: AD
Explanation:
NOT B
No need to change the default email policy.
Create a new email address policy
NOT C
No need for a remote domain
You can create remote domain entries to define the settings for message transfer between the Microsoft Exchange Server 2013 organization and domains outside your Exchange organization.
When you create a remote domain entry, you control the types of messages that are sent to that domain. You can also apply message format policies and acceptable character sets for messages that are sent from users in your organization to the remote domain. The settings for remote domains are global configuration settings for the Exchange organization.
The remote domain settings are applied to messages during categorization in the Transport service on Mailbox servers. When recipient resolution occurs, the recipient domain is matched against the configured remote domains. If a remote domain configuration blocks a specific message type from being sent to recipients in that domain, the message is deleted. If you specify a particular message format for the remote domain, the message headers and content are modified. The settings apply to all messages that are processed by the Exchange organization.
NOT E
Do not want to use a relay server.When you configure an external relay domain, messages are relayed to an email server that’s outside your Exchange organization and outside the organization’s network perimeter.
Typically, most Internet-facing messaging servers are configured to not allow for other domains to be relayed through them.
However, there are scenarios where you may want to let partners or subsidiaries relay email through your Exchange servers. In Exchange 2013, you can configure accepted domains as relay domains. Your organization receives the email messages and then relays the messages to another email server.
You can configure a relay domain as an internal relay domain or as an external relay domain. These two relay domain types are described in the following sections.
Corrent Answer A
Need to create a new email address policy
Corrent Answer D
There are three types of accepted domains: authoritative, internal relay, and external relay.
Configure an Accepted Domain within Your Exchange Organization as Authoritative
Applies to: Exchange Server 2013
If a domain belonging to your organization hosts mailboxes for all the recipients within an SMTP namespace, that domain is considered to be authoritative.
By default, one accepted domain is configured as authoritative for the Exchange organization.
If your organization has more than one SMTP namespace, you can configure more than one accepted domain as authoritative.

QUESTION 79
Drag and Drop Question
You have an Exchange Server 2013 organization named Contoso. The organization is configured to apply a disclaimer to all email messages sent to external recipients. Your company works with a partner company named A. Datum Corporation. A. Datum has an SMTP domain named adatum.com. You need to ensure that email messages sent to adatum.com meet the following compliance requirements:
– Messages sent to adatum.com must NOT include the disclaimer.
– Messages that contain credit card numbers must NOT be sent to adatum.com.
– If a user writes a message that contains a credit card number and the message is addressed to a recipient at adatum.com, the user must receive a notification before the message is sent.
What should you configure for each requirement?
To answer, drag the appropriate configuration to the correct requirement in the answer area. Each configuration may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.

clip_image002[4]
Answer:

clip_image002[6]
Explanation:
Box 1: A transport rule exception
Box 2: A data loss prevention policy
Box 3: a Policy Tip
Note:
* Each transport rule can have exceptions that specify what to exclude from the condition. Exceptions typically determine a subset of criteria identified in the condition. If you use transport rules, you can specify what information you don’t want to enter or leave the organization, which individuals or groups shouldn’t be able to communicate with one another, how messages are handled based on how they are classified by the sender, and more.
* The Data loss prevention (DLP) feature in the new Exchange will help you identify, monitor, and protect sensitive information in your organization through deep content analysis. DLP is increasingly important for enterprise message systems because business critical email includes sensitive data that needs to be protected. It’s the financial information, personally identifiable information (PII) and intellectual property data that can be accidently sent to unauthorized users that keeps the CSO up all night.
* Policy Tip notification messages are displayed to users in Outlook while they are composing an email message. Policy Tip notification messages only show up if something about the sender’s email message seems to violate a DLP policy that you have in place and that policy includes a rule to notify the sender when the conditions that you establish are met.
* Incorrect: MailTips are evaluated every time a sender adds a recipient to a message. Reference: Introducing Data Loss Prevention in the New Exchange; Policy Tips

QUESTION 80
Drag and Drop Question
You have an Exchange Server 2013 organization that contains three servers named EX1, EX2, and EX3. The servers are members of a database availability group (DAG) named DAG1. A mailbox database named DB1 is replicated to all the members of DAG1.
EX3 experiences a complete hardware failure.
You need to restore EX3 on a new server.
You reset the computer account for EX3.
Which three actions should you perform next?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002[8]
Answer:

clip_image002[10]
Explanation:
Note: Use Setup /m:RecoverServer to recover a server
Retrieve any replay lag or truncation lag settings for any mailbox database copies that exist on the server being recovered by using the Get-MailboxDatabase cmdlet. (Box 1) Remove any mailbox database copies that exist on the server being recovered by using theRemove-MailboxDatabaseCopy cmdlet.
(Box 1) Remove the failed server’s configuration from the DAG by using the Remove- DatabaseAvailabilityGroupServer cmdlet.
Reset the server’s computer account in Active Directory. For detailed steps, see Reset a Computer Account.
(Box 2) Open a Command Prompt window. Using the original Setup media, run the following command.
Setup /m:RecoverServer
(Box 3) When the Setup recovery process is complete, add the recovered server to the DAG by using the Add-DatabaseAvailabilityGroupServer cmdlet.
(Box 3) After the server has been added back to the DAG, you can reconfigure mailbox database copies by using the Add-MailboxDatabaseCopy cmdlet.
* You can recover a lost server by using the Setup /m:RecoverServer switch in Microsoft Exchange Server 2013. Most of the settings for a computer running Exchange 2013 are stored in Active Directory. The /m:RecoverServer switch rebuilds an Exchange server with the same name by using the settings and other information stored in Active Directory.
Reference: Recover a Database Availability Group Member Server

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(61-70)!

QUESTION 61
Drag and Drop Question
You are evaluating the implementation of a second Edge Transport server named EDGE2 in the Amsterdam office. You need to recommend which tasks must be performed to ensure that email messages can be sent by the organization if a single Edge Transport server fails. Which three actions should you include in the recommendation?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002
Answer:

clip_image002[4]

QUESTION 62
You need to recommend which type of group must be used to create the planned department lists.
Which type of group should you recommend?

A.    Universal Distribution
B.    Dynamic Distribution
C.    Global Security
D.    Universal Security

Answer: A
Explanation:
A
Universal Distribution
Mail-enabled universal distribution groups (also called distribution groups) can be used only to distribute messages.
NOT B
A dynamic distribution group is a distribution group that uses recipient filters and conditions to derive its membership at the time messages are sent.
http://technet.microsoft.com/en-us/library/bb123722(v=exchg.150).aspx
Use the EAC to create a dynamic distribution group
As ExamTester from Netherlands commented below
But the Fabrikam case asks that users must be able to add and remove themselves from the distribution group. This is not possible using a dynamic group since membership is dynamically calculated based on attributes
Use this explanation for NOT B
http://technet.microsoft.com/en-us/library/bb201680(v=exchg.150).aspx
You can’t use Exchange Server 2013 to create non-universal distribution groups.
Mail-enabled non-universal groups were discontinued in Exchange Server 2007 and can exist only if they were migrated from Exchange 2003 or earlier versions of Exchange.
Seems to contradict the above.
NOT C D
In Exchange, all mail-enabled groups are referred to as distribution groups, whether they have a security context or not.

QUESTION 63
You need to recommend which tasks must be performed to meet the technical requirements of the research and development (R&D) department. Which two tasks should you recommend? (Each correct answer presents part of the solution. Choose two.)

A.    Create a new global address list (GAL) and a new address book policy.
B.    Modify the permissions of the default global address list (GAL), and then create a new GAL.
C.    Run the Update AddressList cmdlet.
D.    Run the Set-Mailbox cmdlet.
E.    Create an OAB virtual directory.

Answer: AD
Explanation:
NOT B
Need an address book policy
NOT C
Update AddressList cmdlet
Use the Update-AddressList cmdlet to update the recipients included in the address list that you specify.
EXAMPLE 1
This example updates the recipients of the address list building4 and under the container All Users\Sales.
Update-AddressList -Identity “All Users\Sales\building4”
NOT E
Will not resolve the issue
Need an address book policy and to assign this policy to users.
A
Address book policies (ABPs) allow you to segment users into specific groups to provide customized views of your organization’s global address list (GAL).
When creating an ABP, you assign a GAL, an offline address book (OAB), a room list, and one or more address lists to the policy.
You can then assign the ABP to mailbox users, providing them with access to a customized GAL in Outlook and Outlook Web App.
The goal is to provide a simpler mechanism to accomplish GAL segmentation for on-premises organizations that require multiple GALs.
D
After you create an address book policy (ABP), you must assign it to mailbox users. Users aren’t assigned a default ABP when their user account is created.
If you don’t assign an ABP to a user, the global address list (GAL) for your entire organization will be accessible to the user through Outlook and Outlook Web App.
This example assigns the ABP All Fabrikam to the existing mailbox user joe@fabrikam.com.
Set-Mailbox -Identity joe@fabrikam.com -AddressBookPolicy “All Fabrikam”

QUESTION 64
You are testing the planned implementation of Domain Security. You discover that users fail to exchange domain-secured email messages. You open the Exchange Management Shell and discover the output shown in the exhibit. (Click the Exhibit button.)

clip_image002[6]
You need to ensure that users can exchange email messages by using Domain Security. Which two parameters should you modify by using the Set-SendConnector cmdlet? (Each correct answer presents part of the solution. Choose two.)

A.    tlsauthlevel
B.    requiretls
C.    ignorestarttls
D.    tlsdomain
E.    domainsecureenabled
F.    smarthostauthmechanism

Answer: BE
Explanation:
NOT TLSAUTHLEVEL
The TlsAuthLevel parameter specifies the TLS authentication level that is used for outbound TLS connections established by this Send connector. Valid values are:
EncryptionOnly: TLS is used only to encrypt the communication channel. No certificate authentication is performed.
CertificateValidation: TLS is used to encrypt the channel and certificate chain validation and revocation lists checks are performed.
DomainValidation: In addition to channel encryption and certificate validation, the Send connector also verifies that the FQDN of the target certificate matches the domain specified in the TlsDomain parameter. If no domain is specified in the TlsDomain parameter, the FQDN on the certificate is compared with the recipient’s domain.
You can’t specify a value for this parameter if the IgnoreSTARTTLS parameter is set to $true, or if the RequireTLS parameter is set to $false.
NOT ignorestarttls
The IgnoreSTARTTLS parameter specifies whether to ignore the StartTLS option offered by a remote sending server.
This parameter is used with remote domains. This parameter must be set to $false if the RequireTLS parameter is set to $true. Valid values for this parameter are $true or $false.
NOT tlsdomain
The TlsDomain parameter specifies the domain name that the Send connector uses to verify the FQDN of the target certificate when establishing a TLS secured connection.
This parameter is used only if the TlsAuthLevel parameter is set to DomainValidation.
A value for this parameter is required if:
The TLSAuthLevel parameter is set to DomainValidation.
The DNSRoutingEnabled parameter is set to $false (smart host Send connector).
NOT smarthostauthmechanism
The SmartHostAuthMechanism parameter specifies the smart host authentication mechanism to use for authentication with a remote server.
Use this parameter only when a smart host is configured and the DNSRoutingEnabled parameter is set to $false.
Valid values are None, BasicAuth, BasicAuthRequireTLS, ExchangeServer, and ExternalAuthoritative.
All values are mutually exclusive. If you select BasicAuth or BasicAuthRequireTLS, you must use the AuthenticationCredential parameter to specify the authentication credential.

QUESTION 65
You need to recommend which recovery solution will restore access to all of the mailboxes in AccountingDB if EX1 fails. The solution must restore access to email messages as quickly as possible.
Which recovery solution should you recommend?

A.    On EX2, create a new mailbox database. Restore the database files, and then mount the database.
Run the New-MailboxRestoreRequest cmdlet for all of the mailboxes in the database.
B.    On EX2, create a new mailbox database. Restore the database files, and then mount the database.
Run the Set-Mailbox cmdlet for all of the mailboxes in the database.
C.    On replacement hardware, run setup /mode:recoverserver. Restore the database files, and then mount
the database. Run the Set-Mailbox cmdlet.
D.    On replacement hardware, run setup /mode:recoverserver. Restore the database files, and then mount
the database. Run the New-MailboxRestoreRequest cmdlet for all of the mailboxes in the database.

Answer: A
Explanation:
http://technet.microsoft.com/en-us/library/ee332351%28v=exchg.150%29.aspx

QUESTION 66
You have an Exchange Server 2013 organization. All user mailboxes have an In-Place Archive enabled.
You need to identify which email message types can be archived by using a retention policy. Which message type or types should you identify? (Each correct answer presents part of the solution. Choose all that apply.)

A.    calendar items
B.    mail items
C.    note items
D.    task items
E.    contact items

Answer: BCE

QUESTION 67
Hotspot Question
You need to recommend which script the administrators must run to create the reports required to meet the technical requirements. Which script should you recommend? To answer, select the appropriate script in the answer area.

clip_image002[8]
Answer:

clip_image002[10]

QUESTION 68
You need to create an exclusion for two helpdesk RBAC (Role Based Access Control) groups to not have access to managers. You will need to pick 3 powershell commands from the available choices

A.    New-ManagementRole, New-ManagementScope,Set-ManagementScope (Guessed)
B.    New-ManagementScope, RecipientRestrictionFilter ,New-ManagementRoleAssignment (Guessed)
C.    New-ManagementScope, New-ManagementRoleAssignment, CustomRecipientWriteScope (Guessed)
D.    Unsure of commands and correct answer

Answer: D

QUESTION 69
Drag and Drop Question
You have an Exchange Server 2013 organization that contains two servers. The servers are configured as shown in the following table.

clip_image001
You need to create a new database availability group (DAG) that contains EX1 and EX2.
Which three actions should you perform?
To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002[12]
Answer:

clip_image002[14]

QUESTION 70
You have an Exchange Server 2013 organization that contains one Client Access server. The Client Access server is accessible from the Internet by using a network address translation (NAT) device. You deploy an additional Client Access server. You also deploy an L4 hardware load balancer between the Client Access servers and the NAT device. After deploying the hardware load balancer, you discover that all of the Exchange Server traffic is directed to a single Client Access server. You need to ensure that the hardware load balancer distributes traffic evenly across both Client Access servers. What should you do?

A.    Change the default route of the Client Access servers to point to the hardware load balancer.
B.    Configure the NAT device to pass the original source IP address of all connections from the Internet.
C.    Configure the Client Access servers to have a second IP address and web site. Create the Exchange
virtual directories in the new sites.
D.    Configure SSL offloading on the hardware load balancer and the Client Access servers.

Answer: B
Explanation:
Level 4 Load Balancer
A load balancer is a server computer with a very specialized operating system tuned to manage network traffic using user-created rules. Enterprises and hosting companies rely on load-balancing devices to distribute traffic to create highly available services L4 load balancing is fairly simple, two servers sharing the same IP address. You get redirected to the less-busy server. The most popular Layer 4 load balancing techniques are:
round-robin
weighted round-robin
least connections
weighted least connections
NOT A
http://pdfs.loadbalancer.org/Microsoft_Exchange_2013_Deployment_Guide.pdf If there was no NAT device and the load balancer was completing the NAT translation then there maybe some merit in this answer option. B is a better answer given this scenario.
NOT C
No need to configure the Client Access servers to have a second IP address.
NOT D
Not required in this scenario
SSL offloading relieves a Web server of the processing burden of encrypting and/or decrypting traffic sent via SSL, the security protocol that is implemented in every Web browser. The processing is offloaded to a separate device designed specifically to perform SSL acceleration or SSL termination.
Correct Answer B
When using source NAT, the client IP address is not passed to the load balanced server. The insertion of the Client IP address into the header allows the exchange servers to see the IP that made the connection.
http://pdfs.loadbalancer.org/Microsoft_Exchange_2013_Deployment_Guide.pdf

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(51-60)!

QUESTION 51
Hotspot Question
Your network contains an Active Directory forest named contoso.com. The forest contains two sites named Site1 and Site2. You have an Exchange Server 2013 organization that contains two servers. The servers are configured as shown in the following table.

clip_image001
An administrator creates a new Active Directory site named Site3. The administrator creates mailboxes for the users in Site3. All of the mailboxes of the Site3 users are located on EX1. Site3 contains a domain controller named dc3.contoso.com. The Site3 users report that sometimes, when they open Microsoft Outlook, it takes a long time to access their mailbox. You need to reduce the amount of time it takes for the users to access their mailbox. Which command should you run? (To answer, select the appropriate options in the dialog box in the answer area.)

clip_image002

clip_image002[4]
Answer:

clip_image002[6]
Explanation:
Autodiscover Service
Microsoft Exchange 2013 includes a service named the Autodiscover service. This topic gives an overview of the service and explains how it works, how it configures Outlook clients, and what options there are for deploying the Autodiscover service in your messaging environment.
The Autodiscover service does the following:
Automatically configures user profile settings for clients running Microsoft Office Outlook 2007, Outlook 2010, or Outlook 2013, as well as supported mobile phones. Phones running Windows Mobile 6.1 or a later version are supported. If your phone isn’t a Windows Mobile phone, check your mobile phone documentation to see if it’s supported.
Provides access to Exchange features for Outlook 2007, Outlook 2010, or Outlook 2013 clients that are connected to your Exchange messaging environment.
Uses a user’s email address and password to provide profile settings to Outlook 2007, Outlook 2010, or Outlook 2013 clients and supported mobile phones. If the Outlook client is joined to a domain, the user’s domain account is used.
When you install a Client Access server in Exchange 2013, a default virtual directory named Autodiscover is created under the default website in Internet Information Services (IIS). This virtual directory handles Autodiscover service requests from Outlook 2007, Outlook 2010, and Outlook 2013 clients and supported mobile phones under the following circumstances:
When a user account is configured or updated
When an Outlook client periodically checks for changes to the Exchange Web Services URLs When underlying network connection changes occur in your Exchange messaging environment Additionally, a new Active Directory object named the service connection point (SCP) is created on the server where you install the Client Access server. The SCP object contains the authoritative list of Autodiscover service URLs for the forest. You can use the Set-
ClientAccessServer cmdlet to update the SCP object. For more information, see Set- ClientAccessServer.
SECTION1
Set-ClientAccessServer EX1
Use the Set-ClientAccessServer cmdlet to set properties on specified Client Access server objects. Use the Set-ClientAccessServer cmdlet to change AutoDiscover settings.
NOT Set-ExchangeServer
Use the Set-ExchangeServer cmdlet to set Exchange attributes in Active Directory for a specified server.
NOT Set-RPCClientAccess
Use the Set-RpcClientAccess cmdlet to manage the settings for the Exchange RPC Client Access service that’s running on a Microsoft Exchange Server 2010 Client Access server.
SECTION2
-AutoDiscoverSiteScope ‘Site1;Site3’
The AutoDiscoverSiteScope parameter specifies the site for which the Autodiscover service is authoritative.
Clients that connect to the Autodiscover service by using the internal URL must belong to a listed site.
NOT -AutoDiscoverServiceInternalURI
The AutoDiscoverServiceInternalUri parameter specifies the internal URL of the Autodiscover service.
Need to specify Site3
NOT -IgnoreDefaultScope
NOT a parameter of Set-ClientAccessServer
The IgnoreDefaultScope parameter instructs the command to ignore the default recipient scope setting for the
Exchange Management Shell session and use the entire forest as the scope. This allows the command to access Active Directory objects that aren’t currently in the default scope. Using the
IgnoreDefaultScope parameter introduces the following restrictions:
You can’t use the DomainController parameter. The command uses an appropriate global catalog server automatically.
You can only use the DN for the Identity parameter. Other forms of identification, such as alias or GUID, aren’t accepted.
You can’t use the OrganizationalUnit and Identity parameters together.
You can’t use the Credential parameter.
NOT -DomainController
The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.
Will not resolve the issue.

QUESTION 52
You deploy an Active Directory forest that contains two domains named contoso.com and child.contoso.com. You plan to deploy Exchange Server 2013 servers to the child.contoso.com domain. You need to prepare Active Directory for the installation of the first Exchange Server 2013 servers. Which command should you run in each domain? (To answer, drag the appropriate commands to the correct domains. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image002[8]
Answer:

clip_image001[4]
Explanation:
THE SUPPLIED ANSWER IS CORRECT.
FOR 3 STEPS USE
1. SETUP/PREPARESCHEMA
2. SETUP/PREAREAD
3. SETUP /PREPAREDOMAIN
HOWEVER THE ANSWER ONLY PROVIDES FOR 2 STEPS.
IF YOU RUN SETUP /PREPAREAD THEN THIS COMMAND CHECKS TO SEE IF THE SCHEMA EXTENSIONS HAVE BEEN INSTALLED
AND IF NOT THEN IT PROCEEDS TO INSTALL THEM.
HENCE SETUP /PREPAREAD IS CORRECT
A TRICK QUESTION FROM MICROSOFT TO CHECK IF YOU KNOW HOW SETUP /PREPAREAD ACTUALLY OPERATES.
References
http://messagingserversupport.com/2013/03/06/how-to-install-exchange-2013-rtm-on-windows- server-2012/
http://books.google.com.au/books?id=3bIRAAAAQBAJ&pg=PA323&lpg=PA323&dq=prepare+child+d omains
+for+exchange+2013&source=bl&ots=9OBBo0R2H9&sig=iu1yUeD2ckRsBryxGHi6MTs8Bk& hl=en&sa=X&ei=YPP-UfblDqauiQezrYCoCw&ved=0CG8Q6AEwBw#v=onepage&q=prepare %20child%20domains%20for%20exchange%202013&f=false
Forums
anon from United States – Jul 24 2013, 6:59 PM Report Spam @steaven It is confusing, but the answer in this dump is wrong for general q36: what is correct in contoso .com
/preparead or prepareschema . If you read TechNet article: http://technet.microsoft.com/en- us/library/bb125224
(v=exchg.150).aspx the correct answer is: first install the Active Directory management tools, prepareSchema,
prepare AD
steaven from Slovakia – Jul 22 2013, 6:43 PM Report Spam Hi can you please tell me why there are different answers in this test and Microsoft.PracticeTest.70- 341.v2013-
05-19.by.tinbum.91q.vce
For example: general q36: what is correct in contoso .com /preparead or prepareschema PrepareSchema
Setup.exe /PrepareSchema /IAcceptExchangeServerLicenseTerms To run this command you must be a member of Schema admin and Enterprise admins group. This command should be executed from the same domain and same active directory site as Schema Master server.
This imports 100 ldf files to update the schema with Exchange 2013 specific attributes. Child domains NEVER have the Schema Master UNLESS you explicitly moved it there from the Root Forest Domain (the default is the VERY FIRST DC of the Forest.) PrepareAd
Verifies the active directory schema is updated for Exchange 2013 RTM , If not it will prepare the active directory schema first.
Creates Microsoft Exchange container and it’s sub containers under configuration partition of the Active directory database.
Creates “Microsoft Exchange Security Groups” OU in the root domain tree within forest and set permissions on this OU.
Assign permission throughout the active directory configuration Creates universal security groups under Microsoft Exchange Security Groups OU It also prepares the local domain for Exchange server 2013 PrepareDomain
You should be a member of Domain Admins group to run this command. You need to run this command if you are planning to deploy exchange in child domain or any other domain within same forest.
If you want to prepare all domains within your forest so run below command and this would require Enterprise admin permission
Setup.exe /PrepareAlldomains /IAcceptExchangeServerLicenseTerms PREPAREDOMAIN MUST BE RUN ON THE CHILD DOMAIN.
THE ANSWER FOR CHILD.CONTOSO.COM IS CORRECT

QUESTION 53
You have an Exchange Server 2013 organization. Your company has a Service Level Agreement (SLA) stating that you must be able to reconnect disconnected mailboxes to user accounts for up to 365 days. After 365 days, disconnected mailboxes must be deleted permanently. You need to recommend a solution to meet the SLA . What should you include in the recommendation?

A.    Create a retention policy and apply the policy to all mailboxes.
B.    Configure the deleted mailbox retention setting for all databases.
C.    Configure the deleted item retention setting for all databases.
D.    Implement a database availability group (DAG) that contains a lagged copy.

Answer: B
Explantion:
NOT A
Need to modify the deleted mailbox retention settings
In Exchange Server 2013, you can use retention policies to manage email lifecycle. Retention policies are applied by creating retention tags, adding them to a retention policy, and applying the policy to mailbox users.
After you create retention tags, add them to a retention policy, and apply the policy to a mailbox user, the next time the MRM mailbox assistant processes the mailbox, messages are moved or deleted based on settings you configured in the retention tags.
NOT C
Not related to an item but to databases
NOT D
Need to modify the  deleted mailbox retention settings.
DAG with a lagged copy is not modifying the mailbox retention policy settings.
B
Disabled and deleted mailboxes are retained in the mailbox database until the deleted mailbox retention period expires, which is 30 days by default.
This example configures a deleted item retention period of 365 days for the mailbox database MDB2.
Set-MailboxDatabase -Identity MDB2 -DeletedItemRetention 365

QUESTION 54
A user fails to connect to his mailbox by using Outlook Anywhere. The user successfully connects to the mailbox by using an Exchange ActiveSync-enabled mobile device and Outlook Web App. You need to identify what prevents the users from connecting to the mailbox by using Outlook Anywhere. Which tool should you use?

A.    Microsoft Outlook
B.    Microsoft Exchange Server Deployment Assistant
C.    Microsoft Exchange RPC Extractor
D.    Microsoft Exchange Server Profile Analyzer
E.    Microsoft Exchange Server User Monitor
F.     Microsoft Exchange Load Generator
G.     Exchange Remote Connectivity Analyzer
H.    Exchange Server MAPI Editor

Answer: G
Explanation:
G
Exchange Remote Connectivity Analyzer (ExRCA
The Exchange Remote Connectivity Analyzer (ExRCA) is a web-based tool designed to test connectivity with a variety of Exchange protocols.
You can access the ExRCA https://www.testexchangeconnectivity.com/.
The Microsoft Exchange Remote Connectivity Analyzer (ExRCA) can help you confirm that connectivity for your Exchange servers is configured correctly and diagnose any connectivity issues.
The Remote Connectivity
Analyzer website offers tests for Microsoft Exchange ActiveSync, Exchange Web Services, Microsoft Outlook, and Internet email.

clip_image002[10]

QUESTION 55
Drag and Drop Question
You have an Exchange Server 2013 organization that contains a database availability group (DAG). There are four copies of every mailbox database. One of the copies is a lagged copy configured to have a replay lag time of 14 days. All mailboxes have single item recovery enabled. All databases are configured to have a deleted item retention period of seven days. A company executive reports that an email message, which was deleted 10 days ago, must be restored. You need to ensure that you can recover the email message from the lagged copy of the mailbox database. The solution must preserve the lagged copy of the mailbox database. Which three actions should you perform? To answer, move the three appropriate actions from the list of actions to the answer area and arrange them in the correct order.

clip_image002[12]
Answer:

clip_image002[14]

Explanation:
Run the Suspend-MailboxDatabaseCopy cmdlet.
Run the vssadmin command.
Run the eseutil.exe command.
vssadmin
Displays current volume shadow copy backups and all installed shadow copy writers and providers in the command window.
There could be VSS errors causing the datasources not to enumerate. If so, verify that all Exchange Node and Exchange VSS components are functional. Ensure all databases are mounted and healthy Run vssadmin list writers Move-ActiveMailboxDatabase
Use the Move-ActiveMailboxDatabase cmdlet to perform a database or server switchover. This example performs a switchover of the database DB2 to the Mailbox server MBX1. When the command completes, MBX1 hosts the active copy of DB2.
Because the MountDialOverride parameter is set to None, MBX1 mounts the database using its own defined database auto mount dial settings.
Move-ActiveMailboxDatabase DB2 -ActivateOnServer MBX1 -MountDialOverride:None The SkipLagChecks parameter specifies whether to allow a copy to be activated that has replay and copy queues outside of the configured criteria.
eseutil.exe
The key to matching log files and databases is the signature. You can view log file signatures by using the
Exchange Server Database Utilities (Eseutil.exe) tool and viewing the log file header with the command Eseutil/ml [log filename].
You can view database (.edb) and streaming database (.stm) file signatures by viewing the file header with Eseutil /mh [database filename].edb.
A typical log file or database file signature looks like this:
Signature: Create time:12/17/2002 18:1:44 Rand:81060559 Computer:
Activating and recovering a lagged mailbox database copy is an easy process if you want the database to replay all log files and make the database copy current. If you want to replay log files up to a specific point in time, it’s a more difficult operation because you manually manipulate log files and run Exchange Server Database Utilities (Eseutil.exe). Suspend-MailboxDatabaseCopy Use the Suspend-MailboxDatabaseCopy cmdlet to block replication and replay activities (log copying and replay) or activation for a database configured with two or more database copies.
For a variety of reasons, such as performing planned maintenance, it may be necessary to suspend and resume continuous replication activity for a database copy. In addition, some administrative tasks, such as seeding, require you to first suspend a database copy. We recommend that all replication activity be suspended when the path for the database or its log files is being changed.
You can suspend and resume database copy activity by using the EAC, or by running the Suspend- MailboxDatabaseCopy and Resume-MailboxDatabaseCopy cmdlets in the Shell.
EXAMPLE 1
This example suspends replication and replay activity for the copy of the database DB1 hosted on the Mailbox server MBX3. An optional administrative reason for the suspension is specified. Suspend-MailboxDatabaseCopy -Identity DB1\MBX3 -SuspendComment “Maintenance on MBX3” NOT Move-ActiveMailboxDatabase
Not attempting to make a passive or lagged database active. You need to ensure that you can recover the email message from the lagged copy of the mailbox database.
The solution must preserve the lagged copy of the mailbox database.
STEPS
No need to use Move-ActiveMailboxDatabase
1. First Use the Suspend-MailboxDatabaseCopy cmdlet to block replication and replay activities (log copying and replay)
2. 2nd use vssadmin to check that there could be VSS errors causing the datasources not to enumerate.
3. 3rd Run Exchange Server Database Utilities (Eseutil.exe).
THIS LAST STEP NEEDS CLARIFYING

QUESTION 56
Your company has four regional offices and 20 branch offices. The regional offices connect to each other by using a 30-Mbps WAN link. Each branch office connects to its nearest regional office by using a 1-Mbps WAN link. The network contains an Active Directory forest. The forest contains a domain controller in each office. Each office maps to an Active Directory site. Each branch office site connects to the nearest regional office site by using an Active Directory site link. You have an Exchange Server 2013 organization that contains one server in each office. You need to implement a messaging solution to meet the following requirements:
– The users in the branch offices must only be able to send email messages that are up to 2 MB to the users in the other offices.
– The users in the regional offices must be prevented from sending email messages that are larger than 5 MB to the users in any of the regional offices.
Which cmdlet should you run?

A.    Set-TransportRule
B.    Set-ADSite
C.    Set-AdSiteLink
D.    Set-RoutingGroupConnector

Answer: C
Explanation:
NOT A
Does not relate to message size
Set-TransportRule
Use the Set-TransportRule cmdlet to modify an existing transport rule in your organization. For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example modifies the Sales Team Disclaimer transport rule. Modifying the value of one predicate doesn’t affect other predicates used in the rule’s conditions or exceptions and doesn’t affect actions on the same rule.
This example sets the FromMemberOf parameter to a value of Sales-Group, which specifies that the rule is applied if the sender of the message is a member of the Sales-Group distribution group. Set-TransportRule “Sales Team Disclaimer” -FromMemberOf “Sales-Group” NOT B
Does not relate to message size
Set-ADSite
Use the Set-AdSite cmdlet to configure the Exchange settings of Active Directory sites.
EXAMPLE 1
This example configures the Active Directory site named Default-First-Site-Name as a hub site. Set-AdSite Default-First-Site-Name -HubSiteEnabled $true NOT D
Does not relate to message size
Set-RoutingGroupConnector
With routing groups and Routing Group connectors you can consolidate communication between servers by designating bridgehead servers that act as communication points between routing groups. For example, your organization may have a remote site connected through a wide-area- network (WAN) link to your main office. In this example, you can use a Routing Group connector to route Exchange traffic between a server at your main office and a server at your remote site.
C
The only command that deals with message size.
Set-AdSiteLink
Use the Set-AdSiteLink cmdlet to assign an Exchange-specific cost to an Active Directory IP site link. You can also use this cmdlet to configure the maximum message size that can pass across an Active Directory IP site link.
EXAMPLE 1
This example assigns an Exchange-specific cost of 25 to the IP site link DEFAULT_IP_SITE_LINK and configures a maximum message size limit of 10 MB on the IP site link. Set-AdSiteLink DEFAULT_IP_SITE_LINK -ExchangeCost 25 -MaxMessageSize 10MB

Case Study 5: Fabrikam, Inc (QUESTION 57 ~ QUESTION 66)
Overview
Fabrikam, Inc., is a pharmaceutical company located in Europe. The company has 5,000 users. The company is finalizing plans to deploy an Exchange Server 2013 organization. The company has offices in Paris and Amsterdam.
Existing Environment
Active Directory Environment
The network contains an Active Directory domain named fabrikam.com. An Active Directory site exists for each office.
Network Infrastructure
The roles and location of each server are configured as shown in the following table.

clip_image001[6]
Client computers run either Windows 7 or Windows 8 and have Microsoft Office 2010 installed. The Paris office uses the 192.168.1.0/24 IP range. The Amsterdam office uses the 192.168.2.0/24 IP range. The offices connect to each other by using a high-speed, low- latency WAN link. Each office has a 10-Mbps connection to the Internet.
Planned Exchange Infrastructure
The company plans to deploy five servers that run Exchange Server. The servers will be configured as shown in the following table.

clip_image001[8]
The company plans to have mailbox databases replicated in database availability groups (DAGs). The mailbox databases and DAGs will be configured as shown in the following table.

clip_image001[10]
DAG1 will use FS1 as a file share witness. DAG2 will use FS3 as a file share witness. You plan to create the following networks on each DAG:
– A dedicated replication network named DAGNET1
– A MAPI network named DAGNET2
All replication traffic will run on DAGNET1. All client connections will run on DAGNET2. Client connections must never occur on DAGNET1. Replication traffic must only occur on DAGNET2 if DAGNET1 is unavailable. Each Exchange Server 2013 Mailbox server will be configured to have two network adapters.
The following two mailbox databases will not be replicated as part of the DAGs:
– A mailbox database named AccountingDB that is hosted on EX1
– A mailbox database named TempStaffDB that is hosted on EX4 EDGE1 will have an Edge Subscription configured, with both EX1 and EX2 as targets.
Requirements
Planned Changes
An external consultant reviews the Exchange Server 2013 deployment plan and identifies the following areas of concern:
– The DAGs will not be monitored.
– Multiple Edge Transport servers are required to prevent the potential for a single point of failure.
Technical Requirements
Fabrikam must meet the following technical requirements:
– Email must be evaluated for SPAM before the email enters the internal network.
– Production system patching must minimize downtime to achieve the highest possible service to users.
– Users must be able to use the Exchange Control Panel to autonomously join and disjoin their department’s distribution lists.
– Users must be able to access all Internet-facing Exchange Server services by using the names of mail.fabrikam.com and autodiscover.fabrikam.com.
The company establishes a partnership with another company named A. Datum Corporation. A. Datum uses the SMTP suffix adatum.com for all email addresses. Fabrikam plans to exchange sensitive information with A. Datum and requires that the email messages sent between the two companies be encrypted. The solution must use Domain Security. Users in the research and development (R&D) department must be able to view only the mailboxes of the users in their department from Microsoft Outlook. The users in all of the other departments must be prevented from viewing the mailboxes of the R&D users from Outlook. Administrators plan to produce HTML reports that contain information about recent status changes to the mailbox databases. Fabrikam is evaluating whether to abort its plan to implement an Exchange Server 2010 Edge Transport server and to implement a Client Access server in the Paris office instead. The Client Access server will have anti-spam agents installed.

QUESTION 57
Hotspot Question
You need to recommend which configurations must be set for each network. Which configurations should you recommend?
To answer, select the appropriate configurations for each network in the answer area.

clip_image001[12]
Answer:

clip_image001[14]

QUESTION 58
You have an Exchange Server 2013 organization that contains multiple Hub Transport servers.
You need to recommend a message hygiene solution to meet the following requirements:
– Block servers that are known to send spam
– Minimize administrative effort
What should you recommend?

A.    an IP Block list
B.    IP Block list providers
C.    recipient filtering
D.    sender filtering

Answer: B

QUESTION 59
Your company has a Exchange Server 2013 organization.
You plan to deploy Microsoft Office Outlook and mobile devices for remote users.
You need to plan the deployment of Client Access servers to support the automatic configuration of Outlook profiles and ——–.
What should you include in the plan?

A.    Autodiscover
B.    MailTips
C.    Remote Access Server
D.    Unified Messaging auto attendant

Answer: A

QUESTION 60
You need to recommend a design that meets the technical requirements for communication between Fabrikam and A. Datum. Which three actions should you perform in fabrikam.com? (Each correct answer presents part of the solution. Choose three.)

A.    Create a remote domain for adatum.com.
B.    Exchange certificates with the administrators of adatum.com.
C.    From EDGE1, create a Send connector that has an address space for adatum.com
D.    Run the Set-TransportConfigcmdlet.
E.    Run the Set-TransportServercmdlet.
F.    From a Mailbox server, create a Send connector that has an address space for adatum.com.

Answer: BDF
Explanation:
NOT A
Applies to: Exchange Server 2013, Exchange Online
Remote domains are SMTP domains that are external to your Microsoft Exchange organization. You can create remote domain entries to define the settings for message transferred between your Exchange organization and specific external domains. The settings in the remote domain entry for a specific external domain override the settings in the default remote domain that normally apply to all external recipients. The remote domain settings are global for the Exchange organization.
You can create remote domain entries to define the settings for message transfers between your Exchange Online organization and external domains. When you create a remote domain entry, you control the types of messages that are sent to that domain. You can also apply message format policies and acceptable character sets for messages that are sent from users in your organization to the remote domain.
NOT C
Edge1 is in the perimeter network and the send connector needs to be created on a mailbox server
NOT E
Set-TransportServercmdlet.
Use the Set-TransportServer cmdlet to set the transport configuration options for the Transport service on Mailbox servers or for Edge Transport servers.
This example sets the DelayNotificationTimeout parameter to 13 hours on server named Mailbox01.
Set-TransportServer Mailbox01 -DelayNotificationTimeout 13:00:00
Need Set-TransportConfig   and the TLSReceiveDomainSecureList parameter  to specify the domains from which you want to receive domain secured email by using mutual Transport Layer Security (TLS) authentication.
B
To activate SSL encryption on an Exchange server, you need a server certificate on the Client Access Server in each company. The client access server is the internet facing server in an organization.
An SSL certificate is a digital certificate that authenticates the identity of the exchange server and encrypts information that is sent to the server using Secure Sockets Layer (SSL) technology
Mailbox server certificates
One key difference between Exchange 2010 and Exchange 2013 is that the certificates that are used on the Exchange 2013 Mailbox server are self-signed certificates.
Because all clients connect to an Exchange 2013 Mailbox server through an Exchange 2013 Client Access server, the only certificates that you need to manage are those on the Client Access server.
The Client Access server automatically trusts the self-signed certificate on the Mailbox server, so clients will not receive warnings about a self-signed certificate not being trusted, provided that the Client Access server has a non-self-signed certificate from either a Windows certification authority (CA) or a trusted third party. There are no tools or cmdlets available to manage self-signed certificates on the Mailbox server. After the server has been properly installed, you should never need to worry about the certificates on the Mailbox server.
D
Set-TransportConfig.
Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole Exchange organization.
EXAMPLE 1
This example configures the Exchange organization to forward all DSN messages that have the DSN codes 5.7.1, 5.7.2, and 5.7.3 to the postmaster email account.
Set-TransportConfig -GenerateCopyOfDSNFor 5.7.1,5.7.2,5.7.3
The TLSReceiveDomainSecureList parameter specifies the domains from which you want to receive domain secured email by using mutual Transport Layer Security (TLS) authentication.
F
If you want to ensure secure, encrypted communication with a partner, you can create a Send connector that is configured to enforce Transport Layer Security (TLS) for messages sent to a partner domain. TLS provides secure communication over the Internet.

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(41-50)!

QUESTION 41
You have an Exchange Server 2013 organization that contains two servers named EX1 and EX2. EX1 and EX2 are the members of a database availability group (DAG) named DAG1. EX1 and EX2 each contain a copy of a mailbox database named DB1. DB1 is configured to retain deleted items for 120 days. At the end of each month, the mailbox databases on EX1 are backed up to tape. The monthly backups are retained for two years. A user named User1 has a mailbox in DB1. User1 discovers that a mailbox folder that contained important email messages was deleted more than six months ago. You need to recover the deleted mailbox folder without affecting any other users who have mailboxes in DB1. Which three actions should you perform? (Each correct answer presents part of the solution.
Choose three.)

A.    Run the New-MaiboxRestoreRequestcmdlet.
B.    Run the New-MailboxDatabasecmdlet and specify the Recovery parameter.
C.    Restore DB1 from the tape backup to an alternate location.
D.    Restore DB1 from the tape backup to the database’s original location.
E.    Run the New-Mailbox cmdlet and specify the Recovery parameter.

Answer: ABC
Explanation:
Recovery Database
A recovery database is a special kind of mailbox database that allows you to mount a restored mailbox database and extract data from the restored database as part of a recovery operation. You can use the New-MailboxRestoreRequest cmdlet to extract data from a recovery database. After extraction, the data can be exported to a folder or merged into an existing mailbox. Recovery databases enable you to recover data from a backup or copy of a database without disturbing user access to current data.
A
New-MaiboxRestoreRequestcmdlet
Use the New-MailboxRestoreRequest cmdlet to restore a soft-deleted or disconnected mailbox. This cmdlet starts the process of moving content from the soft-deleted mailbox, disabled mailbox, or any mailbox in a recovery database into a connected primary or archive mailbox. For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
To create a restore request, you must provide the DisplayName, LegacyDN, or MailboxGUID for the softdeleted or disabled mailbox. This example uses the Get-MailboxStatistics cmdlet to return the DisplayName, LegacyDN, MailboxGUID, and DisconnectReason for all mailboxes on mailbox database MBD01 that have a disconnect reason of SoftDeleted or Disabled. Get-MailboxStatistics -Database MBD01 | Where { $_.DisconnectReason -eq “SoftDeleted” -or $_. DisconnectReason -eq “Disabled” } | Format-List LegacyDN, DisplayName, MailboxGUID, DisconnectReason
This example restores the source mailbox with the MailboxGUID 1d20855f-fd54-4681-98e6- e249f7326ddd on mailbox database MBD01 to the target mailbox with the alias Ayla. New-MailboxRestoreRequest -SourceDatabase “MBD01” -SourceStoreMailbox 1d20855f-fd54-4681- 98e6-e249f7326ddd -TargetMailbox Ayla
B
Use the New-MailboxDatabase cmdlet to create a mailbox database object in the database container in Active Directory.
For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example creates the mailbox database MailboxDatabase01.
This example also specifies where to create the .edb database file, which is different than the default location.
New-MailboxDatabase -Name “MailboxDatabase01” -EdbFilePath
D:\DatabaseFiles\MailboxDatabase01.edb
The Recovery parameter specifies that the new database is designated as a recovery database.
NOT D
Need to recover data from a backup or copy of a database without disturbing user access to current data.
Therefore restore to an alternate location.
NOT E
No recovery parameter exists for the New-Mailbox cmdlet.

QUESTION 42
You have an Exchange Server 2010 organization. All users connect to their mailbox by using Microsoft Outlook 2013 and Outlook Web App. All client connections to Exchange Server use the name mail.contoso.com. You deploy Exchange Server 2013 to the organization, you move all of the users to Exchange Server 2013, and then you decommission all of the Exchange Server 2010 servers. The users report that when they open Outlook 2013, they receive a certificate warning message. The users do not receive a certificate error message or a certificate warning message when they open Outlook Web App. You need to prevent the certificate warning message from occurring when the users open Outlook 2013. Which cmdlet should you run?

A.    Set-ClientAccessServer
B.    New-ExchangeCertficiate
C.    New-ClientAccessArray
D.    Import-ExchangeCertificate

Answer: A

QUESTION 43
Your network contains an Active Directory forest. The forest contains two sites named Montreal and New York. You have an Exchange Server 2013 organization that contains a Mailbox server and a Client Access server in each site. The users in the New York site report that the offline address book (OAB) is not updated after an extended WAN outage between the sites. The Montreal site contains the OAB generation server. You need to ensure that the New York site users download the OAB from a server in the New York site. Which two cmdlets should you run? (Each correct answer presents part of the solution. Choose two.)

A.    Set-Mailbox
B.    New-OfflineAddressBook
C.    New-Mailbox
D.    New-OabVirtualDirectory
E.    Set-OfflineAddressBook

Answer: AC
Explanation:
A
Set-Mailbox
Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time.
To perform bulk management, you can pipeline the output of various Get- cmdlets (for example, the Get-Mailbox or Get-User cmdlets) and configure several mailboxes in a single-line command. You can also use the Set-Mailbox cmdlet in scripts.
For information about the parameter sets in the Syntax section below, see Syntax.
Step2: Enable OABGen capability
Set-Mailbox -Arbitration oabs -OABGen $true
http://technet.microsoft.com/en-us/library/aa996345(v=exchg.150).aspx
Provision Recipients for Offline Address Book Downloads
To specify which OAB is downloaded by linking the OAB directly to a recipient’s mailbox, use the following syntax.
Set-Mailbox -Identity <MailboxIDParameter> -OfflineAddressBook <OfflineAddressBookIdParameter>
Better for this question (but the option is not covered:)
Use the Shell to specify the OAB that multiple recipients will download
This example specifies that all user mailboxes in the United States for Contoso will download the OAB Contoso United States.
Get-User -ResultSize Unlimited -Filter { Company -eq “Contoso” -and RecipientType -eq “UserMailbox” } | Where { $_.CountryOrRegion -eq “United States”} | Set-Mailbox -OfflineAddressBook “Contoso United States”
NOT B
New-OfflineAddressBook
Use the New-OfflineAddressBook cmdlet to create an offline address book (OAB).
EXAMPLE 1
This example uses two commands to create the OAB named OAB_AgencyB that includes all address lists where AgencyB is part of the name. With the settings shown, an OAB is generated by myserver.contoso.com on Mondays and Wednesdays from 01:00 (1:00 A.M.) to 02:00 (2:00 A.M.). The command also creates the default OAB for the organization.
$a = Get-AddressList | Where {$_.Name -Like “*AgencyB*”
New-OfflineAddressBook -Name “OAB_AgencyB” -Server myserver.contoso.com -AddressLists $a -Schedule “Mon.01:00-Mon.02:00, Wed.01:00-Wed.02:00”
C
New-Mailbox
Use the New-Mailbox cmdlet to create a user in Active Directory and mailbox-enable this new user.
Step1: Create a new arbitration mailbox
New-Mailbox -Arbitration -Name “OAB New York” -Database DB2NewYork -UserPrincipalName oabs@contoso.com –DisplayName “OAB Mailbox for New York”
EXAMPLE 1
This example creates a user Chris Ashton in Active Directory and creates a mailbox for the user. The mailbox is located on Mailbox Database 1. The password must be reset at the next logon. To set the initial value of the password, this example creates a variable ($password), prompts you to enter a password, and assigns that password to the variable as a SecureString object.
$password = Read-Host “Enter password” -AsSecureString
New-Mailbox -UserPrincipalName chris@contoso.com -Alias chris -Database “Mailbox Database 1” -Name ChrisAshton -OrganizationalUnit Users -Password $password -FirstName Chris -LastName Ashton -DisplayName “Chris Ashton” -ResetPasswordOnNextLogon $true
NOT D
New-OabVirtualDirectory
Use the New-OABVirtualDirectory cmdlet to configure a server as a web distribution point for an offline address book (OAB).
EXAMPLE 1
This example creates an OAB virtual directory on CASServer01 and configures the distribution service to poll the generation server every two hours.
New-OABVirtualDirectory -Server CASServer01 -PollInterval 120
NOT E
Set-OfflineAddressBook
Use the Set-OfflineAddressBook cmdlet to modify offline address book (OAB) settings.
EXAMPLE 1
This example changes the name of the OAB.
Set-OfflineAddressBook -Identity “\Default Offline Address Book” -Name “My Offline Address Book”

QUESTION 44
Your network contains an Active Directory forest. The forest contains one domain. The domain contains two sites and three domain controllers. The sites and domain controllers are configured as shown in the following table.

clip_image002
The sites connect to each other by using a WAN link. You have an Exchange Server 2013 organization that contains two servers in the Main Office site. In Branch1, you plan to deploy one server to the Exchange Server 2013 organization. You need to ensure that all of the Exchange Server services in Branch1 are available if the WAN link fails after the planned deployment. What should you do?

A.    Create a site link bridge, and then configure Branch1 as a hub site.
B.    Replace the domain controller in Branch1 with an RODC that runs Windows Server 2012.
C.    Replace the domain controller in Branch1 with a writable domain controller that runs a Server Core
installation of Windows Server 2008.
D.    Create an additional site link, and then configure Branch1 as a hub site.

Answer: C
Explanation:
Site link bridge
A site link bridge connects two or more site links and enables transitivity between site links. Each site link in a bridge must have a site in common with another site link in the bridge. The Knowledge Consistency Checker (KCC) uses the information on each site link to compute the cost of replication between sites in one site link and sites in the other site links of the bridge. Without the presence of a common site between site links, the KCC also cannot establish direct connections between domain controllers in the sites that are connected by the same site link bridge. By default, all site links are transitive.

clip_image002[4]
This figure illustrates an organization’s hub-and-spoke network topology, consisting of two hub sites (A and B) and six satellite sites (C through H). The site links between all sites are named A-B, A-C, A- D, A-E, B-F, B-G, and B-H.

clip_image001
Hub Site
A hub site is based on having large numbers of outgoing links NOT A B D
If you want to install or operate any Exchange 2013 server in a site, you must have a writable global catalog in the same AD site.
Be aware that no versions of Exchange Server will make use of RODC or the Global Catalog server on a RODC although Exchange will work in the presence of RODC as long as writable versions of domain controllers and GCs are available
C
If you want to install or operate any Exchange 2013 server in a site, you must have a writable global catalog in the same AD site.
The Global Catalog is the central repository of information about objects in a tree or forest but with a limited number of each objects attribute.
The domain controller that holds a copy of the Global Catalog is the Global Catalog Server. The global catalog server makes it possible to search the entire AD DS forest without referrals to the domain controller that stores the target of the search. The global catalog server is also required for searching and processing domain logons in forests where universal groups is available Be aware that no versions of Exchange Server will make use of RODC or the Global Catalog server on a RODC although Exchange will work in the presence of RODC as long as writable versions of domain controllers and GCs are available

QUESTION 45
Your company has a main office site and a disaster recovery site. The two sites connect to each other by using redundant WAN links. Each site connects directly to the Internet. Each site contains one Exchange Server 2013 server that is accessible from the Internet. The company uses the ©ontoso.com email address suffix. The DNS records that can be resolved from the Internet are configured as shown in the following table.

clip_image001[4]
When the Internet link at the main office site fails, the company cannot receive incoming email from the Internet. You need to ensure that incoming email from the Internet is delivered to Server1. Incoming email from the Internet must be delivered to Server2 if Server1 is unavailable. What should you create?

A.    A CNAME record for the name mail.contoso.com that resolves to server2.contoso.com
B.    An MX record that has a cost of 20 and resolves to mail.contoso.com
C.    An MX record that has a cost of 20 and resolves to server2.contoso.com
D.    An A record for the name mail.contoso.com that resolves to 131.107.101.1

Answer: C
Explanation:
CNAME record
A CNAME record is an abbreviation for Canonical Name record and is a type of resource record in the Domain Name System (DNS) that specifies that the domain name is an alias of another, canonical domain name. Here “canonical” usually means: a more generally accepted or standard name.
For example, if there is a DNS zone as follows:
NAME TYPE VALUE
————————————————–
bar.example.com. CNAME foo.example.com.
foo.example.com. A 192.0.2.23
MX record
A mail exchanger record (MX record) is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient’s domain, and a preference value used to prioritize mail delivery if multiple mail servers are available. The set of MX records of a domain name specifies how email should be routed with the Simple Mail Transfer Protocol (SMTP).
A Record
An A (address) record is a DNS record that can be used to point your domain name and host names to a static IP address.
NOT A B D
Need to increase the cost associated with the MX record of Server2 so that Server1 is preferred over Server2 but Server2 will be used if Server1 is not available.
C
Need to increase the cost associated with the MX record of Server2 so that Server1 is preferred over Server2 but Server2 will be used if Server1 is not available.

QUESTION 46
Drag and Drop Question
You have an Exchange Server 2013 organization named adatum.com. The organization contains a server named Server1. Server1 is a member of a Database Availability Group (DAG) named DAG1. You have a user named Sales1 in the Sales department. You need to prevent Sales1 from submitting more than 75 email messages per minute to the Exchange Server organization by using Microsoft Outlook. Which three commands should you run in sequence? (To answer, move the appropriate three commands from the list of commands to the answer area and arrange them in the correct order.)

clip_image002[6]
Answer:

clip_image002[8]

QUESTION 47
Drag and Drop Question
You have an Exchange Server organization that contains three servers. The servers are configured as shown in the following table.

clip_image002[10]
You need to create a new database availability group (DAG) that contains EX1 and EX2. Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)

clip_image002[12]
Answer:

clip_image002[14]
Explanation:
Box 1: Add the Exchange Trusted Subsystem universal security group to the local Administrators group on Server1.
Box 2: Create a new DAG and specify Server1 as the file share witness.
Box 3: Add EX1 and EX2 to the DAG.
Note:
* A database availability group (DAG) is a set of up to 16 Microsoft Exchange Server 2013 Mailbox servers that provide automatic database-level recovery from a database, server, or network failure. When a Mailbox server is added to a DAG, it works with the other servers in the DAG to provide automatic, database-level recovery from database, server, and network failures.
* You can specify a name for the DAG and the witness server that you want to use, and leave the Witness directory field empty. In this scenario, the task will create the default witness directory on the specified witness server.
* If the witness server you specify isn’t an Exchange 2013 or Exchange 2010 server, you must add the Exchange Trusted Subsystem universal security group to the local Administrators group on the witness server. These security permissions are necessary to ensure that Exchange can create a directory and share on the witness server as needed.
Reference: Exchange 2013, Create a Database Availability Group

QUESTION 48
You have an Exchange Server 2013 organization that contains two Mailbox servers named MBX1 and MBX2. You create a database availability group (DAG) named DAG1. DAG1 is configured as shown in the exhibit. You need to ensure that replication only occurs over the replication network. Which two commands should you run? (Each correct answer presents part of the solution. Choose two.)

clip_image002[16]

A.    Set-DatabaseAvailabilityGroup Dag1 -ManualDagNetworkConfiguration $true
B.    Set-DatabaseAvailabilityGroup Dag1 -ManualDagNetworkConfiguration $false
C.    Set-DatabaseAvailabilityGroupNetwork MapiDagNetwork -ReplicationEnabled $false
D.    Set-DatabaseAvailabilityGroupNetwork ReplicationDagNetwork01 -ReplicationEnabled $true

Answer: BC
Explanation:
You need to ensure that replication only occurs over the replication network.
If you would like to ‘force’ replication to only go over the Replication Network, then you definately would like to disable replication on the MAPI Network, but IF the NIC on the Replication Network goes down, it will start replicating over the MAPI NIC. There is no way of blocking that behaviour and isn’t what you’d want anyway since DAGs actually cope quite fine with just 1 NIC.
DAG Networks
Each database availability group (DAG) network has several properties that you can configure, including the name of the DAG network, a description field for the DAG network, a list of subnets that are used by the DAG network, and whether the DAG network is enabled for replication. You can configure a DAG network only when automatic network configuration has been disabled for a DAG.
There are specific networking requirements that must be met for each DAG and for each DAG member. Each
DAG must have a single MAPI network, which is used by a DAG member to communicate with other servers (for example, other Exchange 2013 servers or directory servers), and zero or more Replication networks, which are networks dedicated to log shipping and seeding. Although a single network is supported, we recommend that each DAG have at least two networks: a single MAPI network and a single Replication network. This provides redundancy for the network and the network path, and enables the system to distinguish between a server failure and a network failure. Using a single network adapter prevents the system from distinguishing between these two types of failures.

clip_image002[18]
MAPI
MAPI stands for Messaging Application Programming Interface, and it gives programs the ability to send email using your email program to do the actual sending.
Set-DatabaseAvailabilityGroup
The Set-DatabaseAvailabilityGroup cmdlet enables you to manage DAG properties that can’t be managed from the Exchange Administration Center (EAC), such as configuring network discovery, selecting the TCP port used for replication, and enabling datacenter activation coordination (DAC) mode.
Set-DatabaseAvailabilityGroupNetwork
Use the Set-DatabaseAvailabilityGroupNetwork cmdlet to configure a network for a database availability group (DAG).
You can configure a variety of network properties, such as the name for the network, a description of the network, a list of one or more subnets that comprise the network, and whether the network is enabled for replication (log shipping and seeding).
You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they’re not included in the permissions assigned to you.
C
Ensures that you can configure a DAG network by turning the automatic configuration off.
The ManualDagNetworkConfiguration parameter
Specifies whether DAG networks should be automatically configured. If this parameter is set to False, DAG networks are automatically configured. If this parameter is set to True, you must manually configure DAG networks.
You can configure a DAG network only when automatic network configuration has been disabled for a DAG.
Need to manually configure the DAG NETWORK
NOT D
Need to turn the automatic DAG configuration off.
The ManualDagNetworkConfiguration parameter Specifies whether DAG networks should be automatically configured. If this parameter is set to False, DAG networks are automatically configured. If this parameter is set to True, you must manually configure DAG networks. You can configure a DAG network only when automatic network configuration has been disabled for a DAG.
NOT A
Does not disable the replication over the MAPI network as required in this scenario B
Disables replication over the MAPI network as required in this scenario

QUESTION 49
You have an Exchange Server 2013 organization that contains a server named Server1. Server1 has an IP address of 10.1.100.16 and is configured to use a default gateway of 10.1.100.1. You deploy a hardware load balancer that is configured to use the IP addresses of 192.168.101.31 and 10.1.100.31.
A user named User1 has a client computer that has an IP address of 102.168.101.201. User1 reports that he cannot view his mailbox by using Outlook Web App. When you review the IIS logs on Server1, you discover the following information:

clip_image002[20]
You need to ensure that User1 can access his mailbox successfully from Outlook Web App. What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)

A.    Configure the hardware load balancer to use the same certificate as the certificate used on Server1.
B.    Configure the hardware load balancer to use source NAT (SNAT).
C.    Configure the computer of User1 to ignore response headers.
D.    Modify the default gateway of Server1.

Answer: BD
Explanation:
Source NAT
When using source NAT, the client IP address is not passed to the load balanced server. The insertion of the Client IP address into the header allows the servers to see the IP that made the connection They are then able to return the requested information correctly B
Configuring the hardware load balancer to use source NAT (SNAT) will resolve the problem.
D
Changing the default gateway of Server1 to that of the hardware load balancer will ensure that the connection to Server1 will be returned via the network load balancer and out to User1 NOT A
Not a certificate problem
NOT C
NOT a http response header issue
HTTP response header
The information, in the form of a text record, that a Web server sends back to a clients browser in response to receiving an HTTP request.
The response header contains the date, size and type of file that the server is sending back to the client and also data about the server itself.
The header is attached to the files being sent back to the client.

QUESTION 50
You have an Exchange Server 2013 organization that is configured to filter email messages for spam and malware. You need to modify the schedule for applying updates to the anti-spam and the antimalware definitions. Which command should you run?

A.    Update-MalwareFilteringServer.ps1
B.    Set-MalwareFilteringServer
C.    Set-SenderFilterConfig
D.    Update-SafeList

Answer: B
Explanation:
NOT A
Microsoft Exchange Server 2013 administrators can manually download anti-malware engine and definition (signature) updates.
Update-MalwareFilteringServer.ps1 used in manual updates not schedule updates.
NOT C
Not used for spam and malware updates.
Use the Set-SenderFilterConfig cmdlet to modify the Sender Filter agent configuration.
EXAMPLE 1
This example makes the following modifications to the Sender Filter agent configuration:
It enables blocking of blank senders.
It blocks messages from lucernepublishing.com and all subdomains. It adds user1@contoso.com and user2@contoso.com to the blocked senders list without affecting any existing entries.
Set-SenderFilterConfig -BlankSenderBlockingEnabled $true -BlockedDomainsAndSubdomains
lucernepublishing.com -BlockedSenders @{Add=”user1@contoso.com”,”user2@contoso.com”} NOT D
Use the Update-SafeList cmdlet to update the safelist aggregation data in Active Directory. Safelist aggregation data is used in the built-in anti-spam filtering in Microsoft Exchange. EdgeSync replicates
safelist aggregation data to Edge Transport servers in the perimeter network.
EXAMPLE 1
This example updates Safe Senders List data for the single user kim@contoso.com.
Update-Safelist kim@contoso.com
B
Set-MalwareFilteringServer
Use the Set-MalwareFilteringServer cmdlet to configure the Malware agent settings in the Transport service on a Mailbox server.
Example 1
This example sets the following Malware agent settings on the Mailbox server named Mailbox01:
Sets the update frequency interval to 2 hours
Sets the time to wait between resubmit attempts to 10 minutes Set-MalwareFilteringServer Mailbox01 -UpdateFrequency 120 -DeferWaitTime 10

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(31-40)!

QUESTION 31
You are implementing a solution to meet the security requirements for Outlook authentication. You purchase a new certificate that has a subject name of mail.proseware.com and SANs of autodiscover.proseware.com and oa.proseware.com. You create a host (A) record for oa.proseware.com in the public DNS zone. Remote users report that they fail to connect to their mailbox by using Outlook. You need to ensure that the remote users can connect to their mailbox from Outlook. The solution must meet the security requirements. Which two commands should you run? (Each correct answer presents part of the solution. Choose two.)
A.    Set-OutlookProvider EXPR -CertPrincipalName msstd:mail.proseware.com
B.    Set-OutlookAnywhere -ExternalHostName oa.proseware.com – ExternalClientAuthenticationMethod
Basic -ExternalClientsRequireSsI $true -InternalHostName mail.proseware.com – InternalClientAuthentication
Method NTLM -InternalClientsRequireSsI Strue
C.    Set-OutlookProvider EXPR -CertPrincipalName msstd:oa.proseware.com
D.    Set-OutlookAnywhere -ExternalHostName mail.proseware.com- ExternalClientAuthenticationMethod
Basic -ExternalClientsRequireSsI $true -InternalHostName oa.proseware.com -InternalClientAuthentication
Method NTLM -InternalClientsRequireSsI $true

Answer: AB
Explanation:
A
Subject name of the certificate is mail.proseware.com not oa.prosware.com
NOT C
Subject name of the certificate is mail.proseware.com not oa.prosware.com
B
ExternalHostName oa.proseware.com is correct as oa.proseware.com is a host (A) record in the public DNS zone.
NOT D
ExternalHostName mail.proseware.com is NOT correct as oa.proseware.com is a host (A) record in the public DNS zone.

QUESTION 32
You need to recommend which actions must be performed to meet the technical requirements for the new Contoso users. Which three actions should you recommend? (Each correct answer presents part of the solution. Choose three.)

A.    Configure UPN suffix routing.
B.    Configure Contoso to trust Proseware.
C.    Configure Proseware to trust Contoso.
D.    Run the New-Mailbox cmdlet and specify the -AccountDisabled parameter.
E.    Run the New-Mailbox cmdlet and specify the -LinkedMasterAccount parameter.
F.    Create a linked role group.

Answer: ACE
Explanation:
A
All new user accounts in contoso.com must have a user principal name (UPN) that ends with proseware.com
Configure UPN suffix routing
Name suffix routing is a mechanism that you can use to manage how authentication requests are routed across Active Directory forests that are joined by forest trusts.
NOT B
AS PER ABOVE DIAGRAM PROSEWARE NEEDS TO TRUST CONTOSO
C
AS PER ABOVE DIAGRAM PROSEWARE NEEDS TO TRUST CONTOSO
E
All new users hired at Contoso must have a user account in contoso.com and an Exchange Server mailbox in proseware.com
Use the New-Mailbox cmdlet to create a user in Active Directory and mailbox-enable this new user.
The LinkedMasterAccount parameter specifies the master account in the forest where the user account resides. The master account is the account to link the mailbox to.
The master account grants access to the mailbox. This parameter is required only if you’re creating a linked mailbox.
A linked mailbox is a mailbox that’s associated with an external account. The resource forest scenario is an example of a situation in which you would want to associate a mailbox with an external account. In a resource forest scenario, user objects in the Exchange forest have mailboxes, but the user objects are disabled for logon. You must associate these mailbox objects in the Exchange forest with enabled user objects in the external accounts forest.
NOT D
Need to use linked mailboxes.
Use the New-Mailbox cmdlet to create a user in Active Directory and mailbox-enable this new user.
The AccountDisabled parameter specifies whether to create the mailbox in a disabled state. You don’t have to specify a value with this parameter.
NOT F
Need to use linked mailboxes.
You can use a linked management role group to enable members of a universal security group (USG) in a foreign Active Directory forest to manage a Microsoft Exchange Server 2013 organization in a resource Active Directory forest.
By associating a USG in a foreign forest with a linked role group, the members of that USG are granted the permissions provided by the management roles assigned to the linked role group.
For more information about linked role groups, see Understanding Management Role Groups.

QUESTION 33
Hotspot Question
You need to recommend a solution to resolve the Autodiscover and the free/busy information issues. Which command should you include in the recommendation? (To answer, configure the appropriate options in the answer area.)

clip_image002

clip_image002[4]
Answer:

clip_image002[8]

QUESTION 34
You need to recommend a solution to resolve the issue of the human resources department manager. What should you include in the recommendation?

A.    Run Set-ADServerSettings -ConfigurationDomainController dcl.proseware.com on all of the Exchange
servers in the London site.
B.    Move the PDC emulator to the New York office.
C.    Modify the replication interval on the Active Directory site link.
D.    Schedule a task that runs the Update-AddressList command to run once per hour.

Answer: C
Explanation:
NOT A
Set-ADServerSettings
Use the Set-AdServerSettings cmdlet to manage the Active Directory Domain Services (AD DS) environment in the current Exchange Management Shell session.
The Set-AdServerSettings cmdlet replaces the AdminSessionADSettings session variable that was used in Microsoft Exchange Server 2007.
The ConfigurationDomainController parameter specifies the fully qualified domain name (FQDN) of the configuration domain controller to be used for reading Exchange configuration information in this session.
NOT B
Issue is related to AD Site replication
NOT D
Will not improve the site replication
You can use the Shell to update a global address list (GAL). A GAL is a directory that contains entries for every group, user, and contact within an organization’s implementation of Microsoft Exchange.
C
You must set the site link replication interval property to indicate how frequently you want replication to occur during the times when the schedule allows replication. For example, if the schedule allows replication between 02:00 hours and 04:00 hours, and the replication interval is set for 30 minutes, replication can occur up to four times during the scheduled time. The default replication interval is 180 minutes, or 3 hours.
Consider the following criteria to determine how often replication occurs within the schedule window:
A small interval decreases latency but increases the amount of WAN traffic.
To keep domain directory partitions up to date, low latency is preferred.

QUESTION 35
You need to recommend a solution to resolve the issue for the London office users. What should you do?

A.    Modify the properties of the OAB virtual directory.
B.    Create a new address book policy.
C.    Modify the properties of the default offline address book (OAB).
D.    Create a new arbitration mailbox.

Answer: D
Explanation:
NOT A
Will not resolve the issue
Need to create a new arbirtration mailbox
NOT B
Will not resolve the issue
Need to create a new arbirtration mailbox
NOT C
Will not resolve the issue
Need to create a new arbirtration mailbox
D
Exchange Server 2013 CAS role proxies the OAB download request to a “nearest” mailbox server hosting an active Organization Mailbox.
Both London and New York host a mailbox server and a client access server.
Therefore you need to create a new active Organization Mailbox
Administrators can create additional Organization Mailboxes for fault tolerance or for serving users in a geographically disbursed Exchange deployment.
The Organization Mailbox
The Organization Mailbox is a new type of arbitration mailbox introduced with Exchange 2013.
The arbitration mailbox with persisted capability OrganizationCapabilityOABGen is referred to as Organization Mailbox. It plays a crucial role in OAB generation, storage and distribution.
Each Exchange Server 2013 mailbox role hosting an Organization Mailbox will generate all Exchange 2013 OAB’s defined in the environment. The OAB is generated in the Organization Mailbox first and later copied to the disk.

QUESTION 36
Drag and Drop Question
You have an Exchange Server 2013 organization that contains several custom RBAC management roles.
You need to identify which RBAC scopes must be used to meet the following requirements:
– Manage only the mailboxes of the users in the sales department.
– Manage the properties of all the mailbox databases.
Which RBAC scopes should you identify? (To answer, drag the appropriate RBAC scopes to the correct requirements. Each RBAC scope may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image002[10]
Answer:

clip_image002[12]
Explanation:
http://technet.microsoft.com/en-us/library/dd335146(v=exchg.150).aspx
Management role scopes enable you to define the specific scope of impact or influence of a management role when a management role assignment is created. When you apply a scope, the role assignee assigned to the role can only modify the objects contained within that scope.
A role assignee can be a management role group, management role, management role assignment policy, user, or universal security group (USG)
Every management role, whether it’s a built-in role or a custom role, has management scopes.
Management scopes can be either of the following:
Regular
A regular scope isn’t exclusive. It determines where, in Active Directory, objects can be viewed or modified by users assigned the management role. In general, a management role indicates what you can create or modify, and a management role scope indicates where you can create or modify. Regular scopes can be either implicit or explicit scopes, both of which are discussed later in this topic.
Exclusive
An exclusive scope behaves almost the same as a regular scope. The key difference is that it enables you to deny users access to objects contained within the exclusive scope if those users aren’t assigned a role associated with the exclusive scope. All exclusive scopes are explicit scopes, which are discussed later in this topic.
Scopes can be inherited from the management role, specified as a predefined relative scope on a management role assignment, or created using custom filters and added to a management role assignment.
Scopes inherited from management roles are called implicit scopes while predefined and custom scopes are called explicit scopes.
Implicit scopes are the default scopes that apply to a management role type. Because implicit scopes are associated with a management role type, all of the parent and child management roles with the same role type also have the same implicit scopes.
Implicit scopes apply to both built-in management roles and also to custom management roles.
Implicit scopes defined on management roles
Implicit scopes Description
Organization If Organization is present in the role’s recipient write scope, the role can create or modify recipient objects across the Exchange organization.
If Organization is present in the role’s recipient read scope, roles can view any recipient object across the Exchange organization.
This scope is used only with recipient read and write scopes. MyGAL If MyGAL is present in the role’s recipient write scope, the role can view the properties of any recipient within the current user’s global address list (GAL). If MyGAL is present in the role’s recipient read scope, the role can view the properties of any recipient within the current GAL.
This scope is used only with recipient read scopes.
Self If Self is present in the role’s recipient write scope, the role can modify only the properties of the current user’s mailbox.
If Self is present in the role’s recipient read scope, the role can view only the properties of the current user’s mailbox.
This scope is used only with recipient read and write scopes. MyDistributionGroups If MyDistributionGroups is present in the role’s recipient write scope, the role can create or modify distribution list objects owned by the current user. If MyDistributionGroups is present in the role’s recipient read scope, the role can view distribution list objects owned by the current user.
This scope is used only with recipient read and write scopes. OrganizationConfig If OrganizationConfig is present in the role’s configuration write scope, the role can create or modify any server or database configuration object across the Exchange organization. If OrganizationConfig is present in the role’s configuration read scope, the role can view any server or database configuration object across the Exchange organization. This scope is used only with configuration read and write scopes. None If None is in a scope, that scope isn’t available to the role. For example, a role that has None in the recipient write scope can’t modify recipient objects in the Exchange organization. Explicit scopes are scopes that you set yourself to control which objects a management role can modify. Although implicit scopes are defined on a management role, explicit scopes are defined on a management role assignment.
This enables the implicit scopes to be applied consistently across all management roles unless you choose to use an overriding explicit scope. For more information about management role assignments, see Understanding Management Role Assignments. Explicit scopes override the implicit write and configuration scopes of a management role. They don’t override the implicit read scope of a management role. The implicit read scope continues to define what objects the management role can read.
Explicit scopes are useful when the implicit write scope of a management role doesn’t meet the needs of your business. You can add an explicit scope to include nearly anything you want as long as the new scope doesn’t exceed the bounds of the implicit read scope. The cmdlets that are part of a management role must be able to read information about the objects or containers that contain objects for the cmdlets to create or modify objects. For example, if the implicit read scope on a management role is set to Self, you can’t add an explicit write scope of Organization because the explicit write scope exceeds the bounds of the implicit read scope.
The OrganizationConfig implicit scope
If OrganizationConfig is present in the role’s configuration write scope, the role can create or modify any server or database configuration object across the Exchange organization. If OrganizationConfig is present in the role’s configuration read scope, the role can view any server or database configuration object across the Exchange organization. CAN MANAGE THE PROPERTIES OF ALL OF THE MAILBOX DATABASES. The Self Implicit Scope If Self is present in the role’s recipient write scope, the role can modify only the properties of the current user’s mailbox.
If Self is present in the role’s recipient read scope, the role can view only the properties of the current user’s mailbox.
CANNOT BE SELF AS IT PERTAINS TO ONLY THE PARTICULAR USER’S MAILBOX The Organization relative scope
If Organization is present in the role’s recipient write scope, the role can create or modify recipient objects across the Exchange organization.
If Organization is present in the role’s recipient read scope, roles can view any recipient object across the Exchange organization.
This scope is used only with recipient read and write scopes.
NOT MEANT FOR MANAGING MAILBOX DATABASES
A recipient is any mail-enabled object in the Active Directory directory service to which Exchange can deliver or route messages.
In Microsoft Exchange recipients are comprised of mailbox users, mail-enabled users, mail contacts, distribution groups, security groups, dynamic distribution groups, and mail-enabled public folders.
The Recipient filter explicit scope
Recipient filter scopes use filters to target specific recipients based on recipient type or other recipient properties such as department, manager, location, and more.
CAN TARGET THE USERS IN THE SALES DEPARTMENT

QUESTION 37
Drag and Drop Question
You have an Exchange Server 2007 organization. You are migrating the organization to Exchange Server 2013. The migration will last eight weeks. All servers are in a site named Site1. The servers in the organization are configured as shown in the following table. Users who have mailboxes on all of the servers will access Outlook Anywhere by using the mail.adatum.com name. You need to recommend which servers must be associated to the autodiscover.adatum.com and mail.adatum.com names. Which servers should you identify for each name? (To answer, drag the appropriate servers to the correct names. Each server may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image001
Answer:

clip_image001[4]
Explanation:
INCOMPLETE INFORMATION
MAKES IT TOO DIFFICULT TO EVEN GUESS HOW TO ARRIVE AT THE CORRECT ANSWER MAY DEPEND ON THE TYPE OF SERVER (MAILBOX OR CLIENT ACCESS SERVER THAT IS IN USE OR THE VERSION OF OUTLOOK BEING USED
TO DETERMINE IF AUTODISCOVER CAN BE UTILISED ON THAT PARTICULAR SERVER. WHEN CAN YOU USE AUTODISCOVER WHEN CAN YOU NOT USE AUTODISCOVER Autodiscover
Exchange Autodiscover is a service which is run on Exchange Client Access Servers. It is one of the new features it included in exchange 2007+ The Autodiscover service makes it easier to configure Outlook 2007 ,Outlook 2010 + and some mobile phones.
Autodiscover Service cannot be used with earlier versions of Outlook, including Outlook 2003. In earlier versions of Microsoft Exchange (Exchange 2003 SP2 or earlier) and Outlook (Outlook 2003 or earlier), you had to configure all user profiles manually to access Exchange. The Autodiscover service uses a user’s e-mail address and password to automatically configure a user’s profile. Using the e-mail address, the Autodiscover service provides the following information to the client:
The user’s display name.
Separate connection settings for internal and external connectivity.
The location of the user’s Mailbox server.
The URLs for various Outlook features that manage functionality such as OOF, free/busy information, Unified Messaging, and the offline address book.
Outlook Anywhere server settings.
Additionally, a new Active Directory object named the service connection point (SCP) is created on the server where you install the Client Access server role. And Autodiscover information is stored in it.
Exchange 2013 requires its Outlook clients support auto-discovery of the server; this is in part to help streamline cloud deployments of Exchange. Clients also have to support “Outlook Anywhere” access–remote procedure calls via HTTP–to connect to Exchange 2013 instead of using TCP-based RPCs as in older versions of Exchange.
What actually happens after you have entered your details is that the client looks for autodiscover.yourdomain.com and attempts to retrieve the rest of the server configuration details from there.

QUESTION 38
You have an Exchange Server 2013 organization that contains two Client Access servers named SERVER1 and SERVER2 and two Mailbox servers named SERVER3 and SERVER4. You have a firewall that controls all of the traffic between the internal network and the Internet. SERVER3 and SERVER4 are prevented from communicating with Internet hosts. SERVER1 and SERVER3 are in a site named Main. SERVER2 and SERVER4 are in a site named Main_2. All outbound email is sent through SERVER1. Main fails. You discover that email messages for the Internet are queued on SERVER4. You create a new send connector in Main_2. You discover that all of the outbound email is queued on SERVER4 and is not delivered to the Internet. You verify that the client computers on the network can receive email messages from the Internet successfully. You need to ensure that the email messages are delivered successfully to the Internet. Which cmdlet should you run?

A.    Set-SendConnector
B.    Set-TransportService
C.    Set-ExchangeServer
D.    Set-ADSite

Answer: A
Explanation:
Mailbox Server
In an Exchange Server 2013 organization the Mailbox server role is responsible for sending outbound email via a Send Connector.

clip_image001[6]
When this option is enabled outbound email that is being sent via a Send Connector does not go directly out from the Mailbox server, and instead is proxied through a Client Access server in the site. There is nothing complicated going on here, the Client Access server simply acts as a proxy for the connection so that the receiving host out on the internet sees the connection as coming from the Client Access server name and IP address rather than the Mailbox server. IN THIS QUESTION THE CLIENT ACCESS SERVER (SERVER1) IS ACTING AS A PROXY SERVER FOR THE MAILBOX SERVERS.
NEED TO CHANGE THE SEND CONNECTOR SETTINGS IN ORDER FOR MAIL TO FLOW OUT FROM SERVER4 TO THE INTERNET.
Correct Answer A
Set-SendConnector
Use the Set-SendConnector cmdlet to modify a Send connector.
EXAMPLE 1
This example makes the following configuration changes to the Send connector named
Contoso.com Send
Connector:
Sets the maximum message size limit to 10 MB.
Changes the connection inactivity time-out to 15 minutes. Set-SendConnector “Contoso.com Send Connector” -MaxMessageSize 10MB – ConnectionInactivityTimeOut
00:15:00
Send Connector
In Microsoft Exchange Server 2013, a Send connector controls the flow of outbound messages to the receiving server.
They are configured on Mailbox servers running the Transport service. Most commonly, you configure a Send connector to send outbound email messages to a smart host or directly to their recipient, using DNS.
Exchange 2013 Mailbox servers running the Transport service require Send connectors to deliver messages to the next hop on the way to their destination. Send connectors that are created on Mailbox servers are stored in Active Directory and are available to all Mailbox servers running the Transport service in the organization.

clip_image001[8]

clip_image002[14]

clip_image001[10]

NOT B
Set-transportservice
Use the Set-TransportService cmdlet to set the transport configuration options for the Transport service on Mailbox servers or for Edge Transport servers. This example sets the
TransientFailureRetryCount parameter to 3 and sets the TransientFailureRetryInterval parameter to 30 seconds for the Transport service on a Mailbox server named Mailbox01.
Set-TransportService Mailbox01 -TransientFailureRetryCount 3 -TransientFailureRetryInterval
00:00:30
NOT C
Will not resolve the issue
Set-ExchangeServer
Use the Set-ExchangeServer cmdlet to set Exchange attributes in Active Directory for a specified server.
For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example disables error reporting on the specified server. Set-ExchangeServer -Identity TestServer.Contoso.com -ErrorReportingEnabled: $false NOT D
Will not resolve the issue
Set-ADSite
Use the Set-AdSite cmdlet to configure the Exchange settings of Active Directory sites.
EXAMPLE 1
This example configures the Active Directory site named Default-First-Site-Name as a hub site. Set-AdSite Default-First-Site-Name -HubSiteEnabled $true

QUESTION 39
You have an Exchange Server 2013 organization named adatum.com. The organization contains five Mailbox servers and two Client Access servers. You need to ensure that an administrator named user1 receives a daily email message that contains a log of all the Exchange Server administrative actions. Which cmdlet should you use in a scheduled task?

A.    Search-AdminAuditLog
B.    Set-Mailbox
C.    New-AdminAuditLogSearch
D.    Set-ExchangeServer
E.    Set-AdminAuditLogConfig

Answer: C
Explanation:
NOT A
Use Search-AdminAuditLog for searching through the audit logs.
Search-AdminAuditLog
Use the Search-AdminAuditLog cmdlet to search the contents of the administrator audit log. For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example finds all the administrator audit log entries that contain either the New-RoleGroup or the New-ManagementRoleAssignment cmdlet.
Search-AdminAuditLog -Cmdlets New-RoleGroup, New-ManagementRoleAssignment NOT B
Set-Mailbox
Use the Set-Mailbox cmdlet to modify the settings of an existing mailbox. You can use this cmdlet for one mailbox at a time.
To perform bulk management, you can pipeline the output of various Get- cmdlets (for example, the Get-Mailbox or Get-User cmdlets) and configure several mailboxes in a single-line command. You can also use the Set-Mailbox cmdlet in scripts.
For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example delivers John Woods’s email messages to John’s mailbox and also forwards them to Manuel Oliveira’s (manuel@contoso.com) mailbox.
Set-Mailbox -Identity John -DeliverToMailboxAndForward $true -ForwardingSMTPAddress manuel@contoso.com
NOT D
Set-ExchangeServer
Use the Set-ExchangeServer cmdlet to set Exchange attributes in Active Directory for a specified server.
For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example disables error reporting on the specified server. Set-ExchangeServer -Identity TestServer.Contoso.com -ErrorReportingEnabled: $false NOT E
NOT Set-AdminAuditLogConfig
Use the Set-AdminAuditLogConfig cmdlet to configure the administrator audit logging configuration settings.
EXAMPLE 1
This example enables administrator audit logging for every cmdlet and every parameter in the organization, with the exception of Get cmdlets.
Set-AdminAuditLogConfig -AdminAuditLogEnabled $true -AdminAuditLogCmdlets * – AdminAuditLogParameters *
C
New-AdminAuditLogSearch
Use the New-AdminAuditLogSearch cmdlet to search the contents of the administrator audit log and send the results to one or more mailboxes that you specify. For information about the parameter sets in the Syntax section below, see Syntax.
EXAMPLE 1
This example finds all the administrator audit log entries that match the following criteria and sends the results to the david@contoso.com and chris@contoso.com SMTP addresses:
Cmdlets Set-Mailbox Parameters UseDatabaseQuotaDefaults, ProhibitSendReceiveQuota, ProhibitSendQuota StartDate 01/24/2012 EndDate 02/12/2012 New-AdminAuditLogSearch -Name “Mailbox Quota Change Audit” -Cmdlets Set-Mailbox -Parameters UseDatabaseQuotaDefaults, ProhibitSendReceiveQuota, ProhibitSendQuota -StartDate 01/24/2012 – EndDate
02/12/2012 -StatusMailRecipients david@contoso.com, chris@contoso.com

QUESTION 40
You have an Exchange Server 2013 organization. You plan to deploy Exchange ActiveSync for mobile devices. Each mobile device will be authenticated by using certificates issued by an internal certification authority (CA). You need to configure the organization to authenticate the mobile devices by using the certificates. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)

A.    From Internet Information Services (IIS) Manager on each Client Access server, configure the
Microsoft-Server-ActiveSync virtual directory to require client certificates.
B.    From Exchange Admin Center, configure the Microsoft-Server-ActiveSync virtual directory to require
client certificates.
C.    From Internet Information Services (IIS) Manager on each Client Access server, enable Active Directory
Client Certificate Authentication.
D.    From Internet Information Services (IIS) Manager on each Mailbox server, enable Active Directory Client
Certificate Authentication.

Answer: BC
Explanation:
NOT A
Enable Active Directory Client Certificate Authentication within IIS but configure the Microsoft- Server-ActiveSync virtual directory to require client certificates is performed in Exchange Admin Center
NOT D
IIS is configured on the Client Access Server not the Mailbox Server B
After you’ve installed the Exchange 2013 Client Access server, there are a variety of configuration tasks that you can perform.
Although the Client Access server in Exchange 2013 doesn’t handle processing for the client protocols, several settings need to be applied to the Client Access server, including virtual directory settings and certificate settings.
http://technet.microsoft.com/en-us/library/gg247612(v=exchg.150).aspx Exchange Server 2013 automatically configures multiple Internet Information Services (IIS) virtual directories during installation.
This topic contains information about the default IIS authentication settings and default Secure Sockets Layer (SSL) settings for the Client Access and Mailbox servers. The following table lists the default settings on a stand-alone Exchange 2013 Client Access server. Default Client Access server IIS authentication and SSL settings Virtual directory Authentication method SSL settings
Management method
Microsoft-Server-ActiveSync Basic authentication SSL required Requires 128-bit encryption EAC or Shell

clip_image001[12]

clip_image002[16]

C
Configure certificate-based authentication for Exchange ActiveSync
http://blogs.technet.com/b/exchange/archive/2012/11/28/configure-certificate-based- authentication-forexchange-
activesync.aspx
Client Access Server Configuration
To configure the Client Access server to enforce certificate based authentication :
1. Verify if Certificate Mapping Authentication is installed on the server. Right click on Computer in the start menu and choose Manage.
Expand Roles and click on Web Server (IIS)
Scroll down to the Role Services section. Under the Security section you should see Client Certificate Mapping
Authentication installed.

clip_image002[18]

clip_image001[14]

If you don’t see Client Certificate Mapping Authentication installed, click add Role Services > (scroll) Security and select Client Certificate Mapping Authentication and then click Install.
Reboot your server.

clip_image002[20]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Official 2014 Latest Free Microsoft 70-341 Dump Download(21-30)!

Case Study 3: A.Datum Corporation (QUESTION 21 ~ QUESTION 27)
Overview
A. Datum Corporation is an airline catering company that has 8,000 users. A. Datum has three main offices. The offices are located in Detroit, Chicago, and New York.
Existing Environment
Active Directory Environment
The network contains an Active Directory forest named adatum.com. The forest contains a single domain. All domain controllers run Windows Server 2012. Each main office contains two domain controllers. Each office is configured as an Active Directory site. The functional level of the forest is Windows Server 2012.
Network Infrastructure
The offices connect to each other by using a dedicated WAN link. Only the office in New York and the office in Detroit connect directly to the Internet. Each office has a firewall. The public DNS records for A. Datum are configured as shown in the following table.

clip_image001
The external interface for the firewall in the New York office is configured to use an IP address of 131.107.1.200 and to pass inbound traffic on port 25 and port 443 to EX2. The external interface for the firewall in the Detroit office is configured to use an IP address of 131.107.2.200 and to pass inbound traffic on port 443 to EX4. The Active Directory site is configured as shown in the Sites exhibit. (Click the Exhibit button.) Exchange Server Organization
A. Datum has an Exchange Server 2013 organization that contains two servers. The servers are configured as shown in the following table.

clip_image001[4]
Each server contains 15 mailbox databases. Users use the name mail.adatum.com to connect to their mailbox from the Internet. The users use the FQDN of the servers to connect from the internal network. AM of the users in the Detroit office have a mailbox hosted on EX2. The default email address policy contains a single email address format of @adatum.com. A separate Send connector exists for the Chicago office and the New York office. The local servers in each office are the only source servers in each Send connector. The New York office is configured as a hub site. Antimalware filtering is disabled on EX1 and EX2.
Problem Statements
A. Datum identifies the following issues:
– Users in the Detroit office report that sometimes, Microsoft Outlook takes a long time to open.
– During a recent storage failure, administrators failed to restore the latest backup and lost all of the email messages from the previous 48 hours.
– Users report that the email messages sent to some Internet domains are not received. Users in the Chicago office report that some of their email messages generate a non-delivery report (NDR).
– The help desk in the New York office reports that its most common Exchange-related task is to restore email messages that were deleted by users more than 14 days ago. The task requires time-consuming restore operations by the help desk.
Requirements
Business Requirements
A. Datum wants to provide users with the ability to access their email from Internet Explorer 10, even when the users are disconnected from the network. This ability must only be available if the users log on to Outlook Web Access by using the Private option.
Planned Changes
You plan to deploy three additional Exchange Server 2013 servers. The servers will be configured as shown in the following table.

clip_image001[6]
After the planned deployment, all of the mailboxes of the Detroit office users will be moved to EX3. All of the Detroit office users will use the name detroitmail.adatum.com when they connect from the Internet and the name ex4.adatum.com when they connect from the internal network.
Technical Requirements
A. Datum identifies the following technical requirements:
– All existing and future mailboxes must be limited to 5 GB of storage.
– Antimalware and anti-spam filtering must be enabled for the entire Exchange Server organization.
– If storage for the mailbox database fails, administrators must be able to recover email messages handled by transport services for to the last five days.
– Only the members of a group named Executives must be able to schedule meetings in a room mailbox named Boardroom. Meeting requests must not be moderated.
– All of the servers in the New York office that have the Client Access server role installed must be accessed by using a load balancing solution that can mark a server as down ifa specific URL on the server is unavailable.
Mailbox Creation Requirements
A. Datum identifies the following requirements for creating new mailboxes:
– All mailboxes must automatically have single item recovery enabled.
– All mailboxes must automatically have the Exchange ActiveSync feature disabled.

QUESTION 21
Hotspot Question
You need to recommend a solution to meet the technical requirements for mailbox size restrictions. Which command should you include in the recommendation? (To answer, select the appropriate options in the answer area.)

clip_image002
Answer:

clip_image002[4]

QUESTION 22
Drag and Drop Question
You need to recommend a solution to meet the technical requirements for email message recovery. Which command should you include in the recommendation? (To answer, configure the appropriate options in the answer area.)

clip_image001[8]
Answer:

clip_image001[10]

QUESTION 23
You are evaluating the planned deployment of the additional Exchange Server 2013 servers. You need to recommend changes to the DNS records to ensure that email messages are routed to the Detroit site if the servers in the New York site are unavailable. What should you recommend adding?

A.    An MX record that has a preference value of 10 that points to EX4
B.    An MX record that has a preference value of 20 that points to EX4
C.    An MX record that has a preference value of 10 that points to EX3
D.    An MX record that has a preference value of 20 that points to EX3

Answer: B
Explanation:
NOT A C D
Need to change the value of the MX record to achieve the desired result.
Need to have a preference value greater for the 2nd preferred exchange mail server (Detroit) than the 1st preferred mail server.(New York)
That is it needs to point to the Detroit mail server (EX4) only if the New York mail server is unavailable.
B
Need to point to EX4 and have a higher preference value than 10. (The default value of New York mail server MX record)

QUESTION 24
You need to recommend a solution to resolve the issue of email messages not being received on the Internet. What should you include in the solution?

A.    Modify the CNAME record.
B.    Add an MX record.
C.    Modify the TXT record.
D.    Add a pointer (PTR) record.

Answer: D

QUESTION 25
You need to recommend a solution for the New York office that meets the technical requirements for client access. What should you include in the recommendation? (Each correct answer presents a complete solution. Choose all that apply.)

A.    A Layer 4 hardware load balancer
B.    A Client Access server array
C.    A Layer 7 hardware load balancer
D.    The Network Load Balancing (NLB) feature
E.    DNS round robin

Answer: AC

QUESTION 26
You need to recommend a solution to meet the mailbox creation requirements. Which three actions should you recommend performing in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)

clip_image002[6]
Answer:
Explanation:

clip_image002[8]
Edit the ScriptingAgentConfig.xml.sample file, and then rename the file as 
ScriptingAgentConfig.xml.
Copy the ScriptingAgentConfig.xml file to all of the Mailbox servers Run the Enable-CmdletExtensionAgent “Scripting Agent” command
http://technet.microsoft.com/en-us/library/dd335054(v=exchg.150).aspx
Cmdlet Extension Agents
Cmdlet extension agents are components in Microsoft Exchange Server 2013 invoked by Exchange cmdlets when the cmdlets run. As the name implies, cmdlet extension agents extend the capabilities of the
cmdlets that invoke them by assisting in processing data or performing additional actions based on the requirements of the cmdlet. Cmdlet extension agents are available on any server role.
Agents can modify, replace, or extend functionality of Exchange Management Shell cmdlets. An agent can provide a value for a required parameter that isn’t provided on a command, override a value provided by a user, perform other actions outside of the cmdlet workflow while a cmdlet runs, and more.
You can use the Scripting agent cmdlet extension agent in Exchange 2013 to insert your own scripting logic into the execution of Exchange cmdlets. Using the Scripting agent, you can add conditions, override values, and set up reporting.
Every time an Exchange cmdlet is run, the cmdlet invokes the Scripting agent cmdlet extension agent. When this agent is invoked, the cmdlet checks whether any scripts are configured to be invoked by the cmdlet. If a script should be run for a cmdlet, the cmdlet tries to invoke any APIs defined in the script.
The Scripting agent configuration file contains all the scripts that you want the Scripting agent to run. Scripts in the configuration file are contained within XML tags that define the beginning and end of the script and various input parameters required to pass data to the script. Scripts are written using Windows PowerShell syntax. The configuration file is an XML file that uses the elements or attributes in the following table.
Every Exchange 2013 server includes the file ScriptingAgentConfig.xml.sample in the <installation path>\V15\Bin\CmdletExtensionAgents folder. This file must be renamed to ScriptingAgentConfig.xml on every Exchange 2013 server if you enable the Scripting Agent cmdlet extension agent. The sample configuration file contains sample scripts that you can use to help you understand how to add scripts to the configuration file. After you add a script to the configuration file, or if you make a change to the configuration file, you must update the file on every Exchange 2013 server in your organization. This must be done to make sure that each server contains an up-to-date version of the scripts that the Scripting Agent cmdlet extension agent runs.
ScriptingAgentConfig.xml
Renamed from ScriptingAgentConfig.xml.sample on every Exchange 2013 server if you enable the Scripting Agent cmdlet extension agent.
ScrptingAgentConfig.xml.sample
Every Exchange 2013 server includes the file ScriptingAgentConfig.xml.sample in the <installation path>\V15
\Bin\CmdletExtensionAgents folder.
This file must be renamed to ScriptingAgentConfig.xml on every Exchange 2013 server if you enable the Scripting Agent cmdlet extension agent.
The sample configuration file contains sample scripts that you can use to help you understand how to add scripts to the configuration file.
Enable-CmdletExtensionAgent “Scripting Agent” command
Use the Enable-CmdletExtensionAgent cmdlet on a server running Microsoft Exchange Server 2013 to enable a cmdlet extension agent.
EXAMPLE 1 This example enables the Scripting Agent cmdlet extension agent. Before you enable the Scripting Agent, you need to make sure that you’ve first deployed the ScriptingAgentConfig.xml configuration file to all the servers in your organization. If you don’t deploy the configuration file first and you enable the Scripting Agent, all non-Get cmdlets fail when they’re run.
Enable-CmdletExtensionAgent “Scripting Agent”
Run the Set-CmdletExtensionAgent “Scripting Agent” command Use the
Set-CmdletExtensionAgent cmdlet on a server running Microsoft Exchange Server 2013 to modify a cmdlet extension agent.
EXAMPLE 1
This example changes the priority of the fictitious “Validation Agent” cmdlet extension agent to 9. Set-CmdletExtensionAgent “Validation Agent” -Priority 9 STEPS
1. Edit the ScriptingAgentConfig,xml.sample file, and then rename the file as
ScriptingAgentConfig.xml
Need to add in your own appropriate scripts
2. Copy the ScriptingAgentConfig.xml file to all of the Mailbox Servers The question refers to mailbox creation requirements but according to the above information – After you add a script to the configuration file, or if you make a change to the configuration file, you must update the file on every Exchange 2013 server in your organization. In the absence of further information, accept updating the mailbox servers over the client access servers
3.Enable- CmdletExtensionAgent “Scripting Agent” command Have to enable the cmdlet extension agent.

QUESTION 27
You are evaluating the deployment of the additional Exchange Server 2013 servers. You need to recommend changes to the transport configurations to ensure that all email messages sent from the Detroit office are routed through EX2. What should you include in the recommendation?

A.    Increase the cost of the CHI-NY site link to 15.
B.    Specify an Exchange-specific cost of 20 for the CHI-DET site link.
C.    Decrease the cost of the CHI-NY and the DET-NY site links to 4.
D.    Increase the cost of the DET-NY site link to 15.

Answer: B

Case Study 4: Proseware, Inc (QUESTION 28 ~ QUESTION 34)
Overview
General Overview
Proseware, Inc., is an international manufacturing company that has 3,000 users. Proseware has a sales department, a marketing department, a research department, and a human resources department. Proseware recently purchased a small competitor named Contoso, Ltd.
Physical Locations
Proseware has two offices. The offices are located in New York and London. The offices connect to each other by using a WAN link. Each office connects directly to the Internet.
Contoso has one office in Chicago.
Existing Environment
Active Directory Environment
The network of Proseware contains an Active Directory forest named proseware.com. The forest contains a single domain and two sites named London and New York. Each site contains two domain controllers that run Windows Server 2008 R2. The domain controllers in the New York site are named DC1 and DC2. The domain controllers in the London site are named DC3 and DC4. All FSMO roles are hosted on DC3 and DC4. The network of Contoso contains an Active Directory forest named contoso.com. The forest contains five domain controllers and one site.
Exchange Server Organization
Proseware has an Exchange Server 2013 organization that contains two database availability groups (DAGs) named DAG-NYC and DAG-LON. The DAGs are configured as shown in the following table.

clip_image001[12]
The certificate used for Exchange Server 2013 has a subject name of mail.proseware.com and a Subject Alternative Name (SAN) of autodiscover.proseware.com. Each mailbox database has three copies. All users connect to an active copy of the database on a server in their respective office. Native data protection is implemented. NTLM communication is used exclusively for Outlook Anywhere both internally and externally.
Problem Statements
Proseware identifies the following issues:
– Users report that sometimes, they fail to access the free/busy information of the other users. You also discover that some users fail to retrieve Autodiscover settings.
– Users in the London office report that during a 24-hour WAN outage, they could see only new users in the global address list (GAL) from Outlook Web App.
– The manager of the human resources department in the New York office cannot see new London office users in the GAL until several hours after the help desk confirms that the users were created.
– A hung MSExchangeOWAAppPool in Internet Information Services (IIS) on EX1 causes all of the database copies to fail over. Despite having the same CopyQueueLength and ReplayQueueLength as the copies on EX2, the copies on EX3, which have a higher activation preference, are activated, forcing user connections over the WAN.
– A custom application named Appl recently malfunctioned and sent hundreds of false positive email notifications that had a subject of System Alert: Sales Database Reaching Capacity to all of the users in the organization. While attempting to remove the email messages, an administrator ran the Search-Mailbox -DeleteContent command and erroneously deleted valid email messages from the mailboxes of some executives.
Requirements
Business Goal
Proseware identifies the following business goals:
– Reduce the costs associated with using bandwidth on the WAN links.
– Improve social media integration by using a Microsoft Outlook app that will be deployed to all of the users in the sales department.
Planned Changes
Proseware plans to make the following changes:
– Implement a lagged copy for the mailbox database of the executives.
– Implement an RBAC-linked role group for the administrators at Contoso to manage the mailboxes of the Proseware users.
Technical Requirements
Proseware identifies the following technical requirements:
– End users must be notified after one hour if the email messages that they send are not delivered.
– If mailbox database storage fails, the IT department must be able to recover old email messages that were sent up to five days earlier to the mailboxes of the executives.
– All new users hired at Contoso must have a user account in contoso.com and an Exchange Server mailbox in proseware.com. All new user accounts in contoso.com must have a user principal name (UPN) that ends with proseware.com.
– Administrators at Contoso must be able to create and manage recipient objects in the Exchange Server organization of Proseware by using their existing contoso.com administrator account. All Contoso recipient objects must reside in an organizational unit (OU) named proseware.com.
Security Requirements
The Chief Security Officer (CSO) introduces the following security requirements:
– All Outlook users who connect from the Internet must use Basic authentication only.
– All Outlook users who connect from the internal network must use NTLM authentication only.
SLA Requirements
Due to productivity losses during some recent maintenance windows, the Chief Information Officer (CIO) introduces a new service level agreement (SLA) requiring that all servers entering or exiting a maintenance window must be taken in and out of service properly.
The SLA contains the following requirements:
– All mounted databases on the server undergoing maintenance must be activated on another server.
– All message queues on the server undergoing maintenance must be empty before maintenance can begin.
– The server undergoing maintenance must be prevented from becoming a Primary Active Manager (PAM).
– Databases copies on the server undergoing maintenance must not be activated while maintenance is occurring.

QUESTION 28
Hotspot Question
You are attempting to resolve the database activation issue. You need to identify why the database copies are activated on EX3 instead of EX2. Which command should you use? (To answer, select the appropriate options in the answer area.)

clip_image002[10]

clip_image002[12]
Answer:

clip_image002[14]

QUESTION 29
Drag and Drop Question
You need to identify which commands must be run to perform the maintenance window tasks. Which commands should you run? (To answer, drag the appropriate commands to the correct tasks. Each command may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)

clip_image002[16]
Answer:

clip_image002[18]

QUESTION 30
You need to recommend which command must be run to remove the email notifications from all of the servers if App1 malfunctions again. Which command should you recommend? (To answer, configure the appropriate options in the answer area.)

clip_image002[20]

clip_image002[22]
Answer:

clip_image002[24]

If you want to pass the Microsoft 70-341 Exam sucessfully, recommend to read latest Microsoft 70-341 Dump full version.

Pages: 1 2 ... 361 362 363 364 365 366 367 368