MS-203: Microsoft 365 Messaging

As the Messaging administrator for Lucerne Publishing, Patti Fernandez wants to create journaling rules to record email communications as part of Lucerne's email retention strategy. What's the maximum number of journal rules that Patti can create in Microsoft 365? -10 -25 -50

10 -In Microsoft 365, the maximum number of journal rules that you can create is 10.

Fabrikam has a Microsoft 365 E5 subscription. As the Messaging administrator for Fabrikam, Holly Spencer wants to configure storage quotas to control the size of mailboxes and manage the growth of mailbox databases in the company's Exchange Online deployment. What's the fixed maximum storage quota for the primary mailbox in Fabrikam's Exchange Online deployment? -50 GB -100 GB -250 GB

100 GB -In Microsoft 365, Exchange Online storage quotas have a fixed maximum for the primary mailbox. They also depend on subscription type, such as 50 GB for Business subscriptions and 100 GB for Enterprise subscription. Since Fabrikam has a Microsoft 365 E5 subscription, it has a 100 GB maximum storage quota.

As the Messaging administrator for Tailspin Toys, Alan Deyoung wants to set storage quota limits for user mailboxes. Alan has set the "Prohibit send" quota to 8 MB and the "Prohibit send and receive" quota to 10 MB. Alan has selected the "Issue a warning" check box to automatically warn mailbox users that their mailbox is approaching its storage limit. For the Issue warning quota message to be sent, what value must Alan set the "Issue warning" quota to? -4 MB -8 MB -20 MB

4 MB - The message associated with the "Issue warning" quota won't be sent to the user unless the value of this setting is greater than 50% of the value specified in the "Prohibit send" quota. Since Alan set the "Prohibit send" quota to 8 MB, the "Issue warning" quota must be set to at least 4 MB; otherwise, the Issue warning quota message won't be sent.

Which port used by Exchange is the most import port used for client access? -25/TCP -80/TCP -443/TCP

443/TCP - Most client access is tunneled over HTTPS. This port is the most important port for client access.

Which port used by Exchange is the most import port used for client access? -25/TCP -80/TCP -443/TCP

443/TCP -Most client access is tunneled over HTTPS. This port is the most important port for client access.

As the Messaging administrator for Fabrikam, Holly Spencer is using the Queue Viewer tool to troubleshoot some recent SMTP mail flow issues. Holly has noticed that there's many messages in the Mailbox Delivery queue. What's the most common cause for this situation? -A dismounted mailbox database -The categorizer is having problems processing the messages -Messages can' be routed to their destination

A dismounted mailbox database - There's a delivery queue for each mailbox database to which messages are destined. On a busy server, you may see a few messages in each queue. If there are many messages in a queue, the most common cause is a dismounted mailbox database.

Mail flow processing requires multiple DNS record types to be configured. What record type should you verify when troubleshooting mail routing in a coexistence scenario to ensure that it's configured properly? -A records -CNAME records -TXT records

A records - When you're troubleshooting mail routing during coexistence, you should verify that A records and PTR records are properly configured in a coexistence scenario.

Mail flow processing requires multiple DNS record types to be configured. What record type should you verify when troubleshooting mail routing in a coexistence scenario to ensure that it's configured properly? -A records -CNAME records -TXT records

A records -When you're troubleshooting mail routing during coexistence, you should verify that A records and PTR records are properly configured in a coexistence scenario.

RBAC applies permissions to all Exchange objects within what type of Exchange forest? -A Resource forest -All forests in the same forest topology type -A single forest

A single forest - RBAC applies permissions to all Exchange objects within a single forest. The RBAC configuration in each forest is configured independently of all other forests.

Fabrikam has an on-premises Exchange Server deployment. As the Messaging administrator for Fabrikam, Holly Spencer wants to implement mailbox audit logging to help determine who has accessed a specific mailbox and what they've done. What must Holly do to implement mailbox audit logging? -Holly doesn't have to do anything, since mailbox audit logging is activated by default in Exchange Server -Activate audit logging for all mailboxes using the Exchange admin center -Activate audit logging for the specific mailbox using the Exchange Management Shell

Activate audit logging for the specific mailbox using the Exchange Management Shell -Mailbox audit logging must be activated manually per mailbox in Exchange Server. You can't use the Exchange admin center (EAC) to enable or disable mailbox audit logging. Instead, you must use the Exchange Management Shell to enable mailbox audit logging.

As the Messaging admin for Tailspin Toys, Alan Deyoung is planning the company's role assignment policies. In doing so, Alan has realized that the default role assignment policy isn't enough to fulfill all of Tailspin's business requirements. When this situation occurs, an organization has three options that it can choose from to address the issue. Which of the following items is one of those options? -Create a new role assignment policy from the built-in roles and assign it to role groups -Create new end-user roles and add them to role groups -Add or remove user roles from the default role assignment policy

Add or remove user roles from the default role assignment policy -This item is one of the options that an organization can choose from. The other two options are: Create a new role assignment policy from the built-in roles and assign it to individual users, and Create new end-user roles and add them to a role assignment policy.

Which Microsoft Defender for Office 365 tool identifies and blocks malicious files in online libraries? -Safe Attachments -Anti-malware -Advanced threat protection for SharePoint, OneDrive, and Microsoft Teams

Advanced threat protection for SharePoint, OneDrive, and Microsoft Teams -These tools identify and block malicious files in online libraries.

Tailspin Toys runs Exchange Server 2019. As the company's Messaging administrator, Alan Deyoung increased the maximum Sent message size for the organization from 10 MB to 20 MB. However, Alan later learned that some users' messages were being blocked because they were too large. The blocked messages were all around 15 MB in size. Why were they blocked? -Alan didn't update the Shadow redundancy setting -Alan didn't change the maximum message size on Tailspin Toys' Send connector to 20 MB -Alan didn't adjust the message throttling setting on the Send connector

Alan didn't change the maximum message size on Tailspin Toys' Send connector to 20 MB - Even if you configure organization level settings, you may still need to configure individual services or Exchange objects. For example, if you change the maximum message size for your organization, you must also change the maximum message sizes on your receive and send connectors. Failure to do so will still block your users' messages if they're too large.

Tailspin Toys has an Exchange Server 2019 on-premises deployment. Alan Deyoung, who's assigned the Microsoft 365 Messaging admin role, wants to configure the company's password policy in Microsoft 365. However, Alan has discovered that the password policy settings are disabled in the Microsoft 365 admin center. Which of the following items would cause these settings to be disabled? -Password policies can only be defined for Exchange Online and hybrid deployments -Password policies can only be defined in Azure Active Directory -Alan is assigned the Microsoft 365 Messaging admin role and not the Global Administrator role

Alan is assigned the Microsoft 365 Messaging admin role and not the Global Administrator role - You must be assigned the Global admin role to configure password policy in Microsoft 365.

Which anti-phishing feature in Exchange Online Protection turns spoof intelligence on or off, turns unauthenticated sender identification in Outlook on or off, and specifies the action for blocked spoofed senders? -Spoof intelligence -Anti-phishing policies -Implicit email authentication

Anti-phishing policies -These policies turn spoof intelligence on or off, turn unauthenticated sender identification in Outlook on or off, and specify the action for blocked spoofed senders (move to Junk Email folder or quarantine).

As the Messaging administrator for Lucerne Publishing, Patti Fernandez enabled anti-spam functionality on the company's Exchange Server Mailbox server. What happened as a result of this action? -The Transport service routes messages through a hub site to check for spam -Anti-spam transport agents were installed -When Exchange Server calculates the least-cost routing path, the cost assigned to anti-spam testing is added to the total cost

Anti-spam transport agents were installed -If anti-spam functionality is enabled on an Exchange Server Mailbox server, the anti-spam transport agents are installed. This transport agent in turn scans messages that pass through the Transport service.

Which type of SMTP domain is an accepted domain in which all recipients are hosted in the Exchange organization? -Authoritative domain -Remote domain -Relay domain

Authoritative domain - An authoritative domain is an accepted domain in which all recipients are hosted in the Exchange organization.

As the Messaging administrator for Lucerne Publishing, Patti Fernandez wants to eliminate the potential for data theft or exposure because of lost, stolen, or inappropriately decommissioned computers and disks. Which of the following encryption technologies should Patti implement to provide this functionality? -Distributed Key Manager (DKIM) -BitLocker -Office 365 Message Encryption

BitLocker -Microsoft 365 servers use BitLocker to encrypt the disk drives containing customer data at rest at the volume-level. BitLocker eliminates the potential for data theft or exposure because of lost, stolen, or inappropriately decommissioned computers and disks.

As the Messaging administrator for Contoso, Holly Dickson wants to assign multiple end-user roles to Susie, who's an end user in the Sales department. What's the easiest way for Holly to assign multiple end-user roles to Susie? -Assign a role group that includes multiple roles -Through a role assignment policy -By assigning each individual end-user role to Susie

By assigning each individual end-user role to Susie -Holly can't assign a role group to Susie, because role groups are only used with administrative roles and not end-user roles. Holly must assign each individual end-user role to Susie.

Contoso and Fabrikam each have an Exchange Server 2019 deployment. As the Messaging administrator for Contoso, Holly Dickson wants to configure federated sharing between the two organizations. However, Holly wants to control the federated sharing by limiting it to specific users. How can Holly implement this level of federated sharing? -By creating an organization relationship with Fabrikam -By creating sharing policies within Exchange that are assigned to selected users -By using the default sharing policy within Exchange

By creating sharing policies within Exchange that are assigned to selected users - A sharing policy that you create in Exchange can be assigned to specific users. This design enables you to ensure that sharing policies can be granular and not automatically available for everybody in an external organization as when you configure organization relationships.

As the Message administrator for Contoso, Holly Dickson wants to configure mutual TLS to secure a connector to Fabrikam, one of Contoso's partner organizations. Securing a connector to Fabrikam will enable Holly to manage secured message paths between domains over the Internet. In this configuration, how should the Contoso mailbox server verify the identity of the Fabrikam mailbox server? -By reviewing the receive protocol log for STARTTLS events that are marked successful -By validating the certificate provided by the Fabrikam mailbox server -By verifying the identity of the server that's stored in Fabrikam's MX record

By validating the certificate provided by the Fabrikam mailbox server - An organization should configure mutual TLS to secure a connector to a partner organization. In this configuration, each mailbox server should verify the identity of the other server by validating the certificate the other mailbox server provides. This design is an easy way for administrators to manage secured message paths between domains over the Internet.

Which advanced anti-phishing feature in Microsoft Defender for Office 365 uses machine learning and other heuristics to identify and analyze messages that are involved in coordinated phishing attacks against the entire service and your organization? -Anti-phishing policies -Campaign Views -Attack simulator

Campaign Views -Campaign Views use machine learning and other heuristics to identify and analyze messages that are involved in coordinated phishing attacks against the entire service and your organization.

Which transport service component is responsible for making routing decisions? -Submission queue -Pickup directory -Categorizer

Categorizer -The categorizer is the component that's responsible for making routing decisions. Each message is retrieved from the submission queue and processed by the categorizer to determine how a message should be delivered. Once the message delivery process has been determined, the categorizer places the message in a delivery queue.

Lucerne Publishing currently has one Edge Transport server. As the company's Messaging administrator, Patti Fernandez wants to expand the company's messaging infrastructure by creating additional Edge Transport servers. None of the Edge Transport servers are domain joined. How can Patti apply the company's Edge Transport rules from its existing Edge Transport server to the new Edge Transport servers? -Clone the Edge Transport server configuration -Enable automated replication of transport rules on the new Edge Transport servers -Move the Edge Transport rules from the Edge Transport server to the company's mailbox servers

Clone the Edge Transport server configuration -Edge Transport rules are configured on each Edge Transport server. Edge Transport rules that you create and configure on Edge Transport servers are stored in the local instance of AD LDS on the server. No automated replication of transport rules occurs on Edge Transport servers. Rules on the Edge Transport server apply only to messages that flow through the local server. If you need to apply the same set of mail flow rules on multiple Edge Transport servers, you can clone the Edge Transport server configuration, or export and import the mail flow rules.

Fabrikam's Sales team has been running content searches on a large number of mailboxes and SharePoint sites. As the Messaging administrator for Fabrikam, Holly Spencer is getting frustrated with the performance of these searches. What can Holly recommend to the Sales team to help them improve the performance of their content searches? -Buy more powerful computers -Run their searches using PowerShell rather than the Microsoft Purview compliance portal -Clone their content searches into multiple, smaller searches

Clone their content searches into multiple, smaller searches -Although enhanced by scalability and performance improvements, searching a large number of mailboxes or SharePoint sites when using Content Search may still take a while to complete. Cloning a Content Search can be used to break up a large, single search into multiple, smaller searches that run more quickly.

As the Messaging Administrator for Contoso, Holly Dickson is configuring the company's Exchange Online deployment. Holly has configured Internet SMTP email to be sent out directly from Exchange Online Protection to the recipient's mail server. What other configuration must Holly complete in Contoso's Exchange Online deployment? -Configure Exchange Online internal routing to route any messages from Contoso's Exchange organization to an Internet domain to the Internet -Subscribe to Exchange Online Protection for email protection services for on-premises mailboxes -Configure Contoso's DNS MX record to point inbound to Exchange Online

Configure Contoso's DNS MX record to point inbound to Exchange Online -The only other requirement in an Exchange Online deployment is to configure the organization's DNS MX record to point inbound to Exchange Online.

Contoso wants to migrate from a third-party email solution to its Exchange Server. Since the domain suffix is the same for all users in the third-party email solution and Contoso's Exchange Server, what must Contoso's Messaging administrator do to properly configure the Exchange Server to allow correct email routing? -Configure one or more Active Directory sites as hub sites -Configure an SMTP Receive connector that enables an Exchange Transport service to receive mail from any other SMTP sources -Configure a shared namespace environment

Configure a shared namespace environment -Shared namespace is a scenario where an organization shares the same SMTP domain between its Exchange Server and a third-party email solution. Since the domain suffix is the same for all users, Exchange Server must be configured properly to allow correct email routing. This design requires the Messaging administrator to configure a shared namespace environment.

Contoso and Fabrikam each have an Exchange Server 2019 deployment. As the new Messaging administrator for Contoso, Holly Dickson wants to configure federated sharing between the two organizations. While verifying which Azure AD authentication system instance each Exchange organization uses, Holly discovered that a federation trust already exists between the two organizations. Given this situation, what does Holly need to do to implement federated sharing with Fabrikam? -Run the Federation Trust wizard to generate a new self-signed certificate -Change the existing federated trust relationship to reflect each organization's current domain infrastructure -Configure an organization relationship

Configure an organization relationship - If a federation trust to the Azure AD authentication system already exists for both Exchange organizations, you don't need to change the federation trust. Instead, you just have to configure an organization relationship or sharing policy.

As the Messaging administrator for Lucerne Publishing, Patti Fernandez wants to implement an anti-phishing policy that applies to all users in the organization. What's the easiest way for Patti to implement such a policy? -Configure the Sender Policy Framework -Create a custom anti-phishing policy in the Microsoft 365 Defender portal and configure it for all users in the company -Configure the default anti-phishing policy in the Microsoft 365 Defender portal to meet the company's needs

Configure the default anti-phishing policy in the Microsoft 365 Defender portal to meet the company's needs - Anti-phishing policies are managed in the Microsoft 365 Defender portal. The default policy applies to all users within the organization. Patti can fine-tune anti-phishing protection by configuring the default policy to meet the company's needs.

Fabrikam has multiple mailbox servers. As the Messaging administrator for Fabrikam, Holly Spencer wants to configure a message transport rule that can identify and act on messages that flow through the transport pipeline in Fabrikam's Exchange organization. What must Holly do to make this new rule accessible to all of Fabrikam's mailbox servers? -Configure the rule on each of Fabrikam's mailbox servers -Configure the rule on one of Fabrikam's mailbox servers -Configure the rule in the Configuration container in Active Directory

Configure the rule on one of Fabrikam's mailbox servers - Transport rules are configured at the mailbox server level. Transport rules configured on one Mailbox server automatically apply to all other Mailbox servers in the organization. Exchange Server stores the transport rules in the Configuration container in Active Directory and replicates them throughout the Active Directory forest. This process makes the rules accessible to all other Mailbox servers. By doing so, Exchange Server applies the same transport rules to all email messages that users send or receive in the organization.

As the Messaging administrator for Tailspin Toys, Alan Deyoung wants to use Content Search to find and remove high-risk email that contains sensitive data. Alan has created and refined a Content Search that returns these messages. What's the next step that Alan must complete? -Delete the returned messages using the Microsoft 365 Defender portal -Delete the returned messages using the Microsoft Purview compliance portal -Connect to the Microsoft Compliance portal PowerShell and run the New- ComplianceSearchAction cmdlet

Connect to the Microsoft Compliance portal PowerShell and run the New-ComplianceSearchAction cmdlet - After you've created and refined a Content Search to return the messages that you want to remove, the final step is to connect to the Microsoft Compliance portal PowerShell and then run the New-ComplianceSearchAction cmdlet to delete the messages. Deleted messages are moved to a user's Recoverable Items folder.

Which anti-spam agent on Edge Transport servers uses an IP blocklist, IP allowlist, IP blocklist providers, and IP allowlist providers to determine whether a connection should be blocked or allowed? -Connection Filtering agent -Recipient Filter agent -Sender Filter agent

Connection Filtering agent -Connection filtering uses an IP blocklist, IP allowlist, IP blocklist providers, and IP allowlist providers to determine whether a connection should be blocked or allowed.

Which anti-spam agent assigns a spam confidence level (SCL) to each message based on data from both legitimate messages and spam messages? -Content Filter agent -Sender Filter agent -Attachment Filtering agent

Content Filter agent -The Content filtering agent assigns an SCL to each message based on data from both legitimate messages and spam messages.

Contoso and Fabrikam are both Exchange Server organizations. As the Messaging administrator for Contoso, Holly Dickson wants to create an organization relationship with Fabrikam. What's the first thing that Holly must do to accomplish this task? -Create the organization relationship in the Exchange admin center -Use Autodiscover to obtain the uniform resource locator (URL) for Fabrikam's Availability Web Service -Create a TXT record in Contoso's public DNS that validates the Contoso domain that will be used to configure the federated trust

Create a TXT record in Contoso's public DNS that validates the Contoso domain that will be used to configure the federated trust - When you configure the organization relationship in the Exchange admin center, the Azure AD authentication system checks your DNS zone and searches for the appropriate TXT resource record. This record must have the content for validating the domain that will be used to configure the OrgID for the federation trust. Holly must create this TXT record before creating the organization relationship.

As the Messaging administrator for Tailspin Toys, Alan Deyoung wants to move a user's archive mailbox to another mailbox database on the same Mailbox server. What must Alan do to move the user's archive mailbox? -Create a migration batch and perform a remote mailbox move request -Create a mailbox move request -Create a migration endpoint for a local mailbox move

Create a mailbox move request -Alan must create a mailbox move request to move the user's archive mailbox to another mailbox database on the same Mailbox server or to another server, independent of the primary mailbox.

Fabrikam has an on-premises Exchange Server 2019 deployment. As the Messaging administrator for Fabrikam, Holly Spencer wants to run EOP Standalone on Fabrikam's on-premises email servers. What must Holly do to enable mail flow between EOP and Fabrikam's Exchange environment? -Create connectors -Open port 80 in Fabrikam's firewall -Create connectors using the Hybrid Configuration Wizard

Create connectors - For EOP standalone, you must create the connectors yourself.

As the Messaging administrator for Tailspin Toys, Alan Deyoung wants to assign built-in role groups in Exchange to several administrators. However, Alan has discovered that the built-in role groups in Exchange don't match the job function of these administrators. What should Alan do? -Assign the built-in role groups to the administrators and then customize the roles assigned to these role groups to meet Tailspin's requirements -Create custom role groups and add roles to them -Create custom roles that meet Tailspin's requirements and assign the roles to the administrators

Create custom role groups and add roles to them - If the built-in role groups in Exchange don't match the job function of your administrators, you can create custom role groups and add roles to them.

Which of the following items is a type of multiple forest topologies that Microsoft Exchange Server supports? -Security forest -Cross forest -Active Directory forest

Cross forest - Microsoft Exchange Server supports Cross-forest and Resource forest topologies. A cross-forest topology type can have multiple forests, each with their own installation of Exchange. A resource forest topology type has an Exchange forest and one or more accounts forests.

Which Exchange Management Shell cmdlet isn't available when connected to Exchange Online? -Get-MessageTrace -Get-MessageTraceDetails -Get-MessageTrackingLog

Get-MessageTrackingLog -The Get-MessageTrackingLog cmdlet isn't available when connected to Exchange Online. Instead of Get-MessageTrackingLog, you must use Get-MessageTrace and Get-MessageTraceDetails to view results for message tracking.

Which transport service component represents a collection of transport servers that are responsible for delivering messages to a specific routing destination? -Connector -Transport agent -Delivery groups

Delivery groups -Delivery groups represent the collection of transport servers that are responsible for delivering messages to a specific routing destination. Each routing destination has its own delivery group. Transport servers in a delivery group can be Exchange Server 2019, 2016 or 2013 Mailbox servers.

What's the first task you must complete to configure RBAC split permissions? -Create a role group, which will contain the Active Directory administrators that can create security principals -Disable Active Directory split permissions if it's enabled -Create regular and delegating role assignments between the Mail Recipient Creation role and the Recipient Management role group

Disable Active Directory split permissions if it's enabled -The first task that an organization must complete to configure RBAC split permissions is to disable Active Directory split permissions if it's enabled.

Which anti-spoofing technology lets you add a digital signature to outbound email messages in the message header? -Sender Policy Framework (SPF) -DomainKeys Identified Mail (DKIM) -Domain-based Message Authentication, Reporting, and Conformance (DMARC)

DomainKeys Identified Mail (DKIM) - DKIM lets you add a digital signature to outbound email messages in the message header. When you configure DKIM, you authorize your domain to associate, or sign, its name to an email message using cryptographic authentication. Email systems that get email from your domain can use this digital signature to help verify whether incoming email is legitimate.

As the Messaging administrator for Fabrikam, Holly Spencer wants to control the flow of messages that Fabrikam users send to and receive from the Internet. What feature should Holly implement to provide this functionality? -Transport rules -Edge transport rules -Inbox rules in Outlook

Edge transport rules - Edge Transport rules are used to control the flow of messages sent to or received from the Internet.

Tailspin Toys is planning to implement a hybrid Exchange deployment. As the Messaging administrator for Tailspin Toys, Alan Deyoung is planning the company's email flow between Exchange Online and the company's on-premises Exchange Servers. What other email flow component must Alan organize? -The Transport Layer Security (TLS) that encrypts messages -The SMTP send and receive connectors used by the Hybrid Configuration Wizard -Email flow to and from the Internet

Email flow to and from the Internet -A hybrid deployment is typically configured to share a common SMTP email namespace. This design requires routing messages between an organization's on-premises Exchange servers and Exchange Online. For this reason, you must consider how to organize the email flow to and from the Internet, and between Exchange Online and the Exchange Server on-premises.

As the Messaging administrator for Lucerne Publishing, Patti Fernandez is planning the company's password policy. Patti wants to maximize the security of the sign-in credentials for Lucerne's users. Which of the following items is a best practice that Patti should implement as part of the company's password management policy? -Enforce at least six character minimum length requirement -Periodic password resets should occur on short intervals -Enforce registration for multifactor authentication

Enforce registration for multifactor authentication -Multifactor authentication (MFA) requires the use of more than one verification method. MFA adds a second layer of security to user sign-in and transactions.

As a Global admin for Contoso, Holly Dickson wants to deploy a Microsoft 365 integrated app. When configuring the app, Holly selected the Deploy from AppSource option. What's the implication of selecting this option? -Holly must manually roll out updates to the app -When the app starts, it automatically downloads for the user -Enhancements to the app will automatically be made available to users without Holly's intervention

Enhancements to the app will automatically be made available to users without Holly's intervention - With the AppSource option, updates and enhancements to the app will automatically be made available to users without Holly's intervention.

Contoso recently began experiencing back pressure in its Exchange Server deployment. Message delivery slowed down and incoming messages were being blocked. What's the best way for Contoso to avoid back pressure? -Ensure the organization's Exchange Server has the necessary amount of system resources -Download the Microsoft Connectivity Analyzer tool -Enable protocol logging on SMTP Send and SMTP Receive connectors

Ensure the organization's Exchange Server has the necessary amount of system resources - Exchange Server monitors the resources used for message transport and throttles resource usage to ensure the system remains functional. When resource usage is throttled, you'll notice symptoms such as slow message delivery or incoming messages being blocked. The best way to avoid back pressure is to ensure the Exchange server has the necessary amount of system resources, including memory and disk space.

Which transport rule component identifies the messages that the actions shouldn't apply to? -Exceptions -Conditions -Properties

Exceptions -Exceptions are an optional component, since they identify the messages that the actions shouldn't apply to. The same message identifiers that are available in conditions are also available in exceptions. Exceptions override conditions and prevent the rule actions from being applied to a message, even if the message matches all the configured conditions.

As the Messaging administrator for Contoso, Holly Dickson wants to create a new receive connector that will be used for communication with external applications, users, and mail servers outside of Contoso's Exchange organization. Which of the following roles should Holly assign to this connector? -Frontend Transport -Hub Transport -POP Transport

Frontend Transport -This role is typically used for communication with external applications, users, and mail servers outside of the Exchange organization.

Which type of connectors are configured for the Exchange Server organization? -Receive connectors -Send connectors -Inbound connectors

Send connectors - Send connectors are configured for the Exchange Server organization.

As the Messaging administrator for Fabrikam, Holly Spencer wants to create new user roles and assign them to role assignment policies. How should Holly complete this task? -Holly must use the Exchange Management Shell -Holly must use the Exchange admin center (EAC) -Holly must use the Microsoft 365 Defender portal

Holly must use the Exchange Management Shell -While you can use the EAC to create and manage custom role assignment policies, it doesn't allow you to assign custom roles to them. To create new user roles and assign them to role assignment policies, you must use the Exchange Management Shell.

As the Messaging administrator for Contoso, Holly Dickson wants to enable MFA for individual user accounts. Holly navigated to the Microsoft 365 admin center and to the Active users page, but the Multifactor Authentication option was disabled on the menu bar. What could be the likely cause of this situation? -Conditional Access policies weren't enabled -Security defaults weren't enabled -Holly was not a Global admin

Holly was not a Global admin -To configure multifactor authentication in Microsoft 365, you must be a Microsoft 365 Global administrator.

As the Messaging administrator for Fabrikam, Holly Spencer wants to run a message trace on message data that was created over a month ago. Where can Holly view this data? -In the Exchange admin center -In the Microsoft 365 Defencer portal -In a downloadable .CSV file

In a downloadable .CSV file -Trace data is available for the past 90 days. If a message is older than seven days, you can only view the results in a downloadable .CSV file. Since the message data that Holly is investigating is over a month old, Holly must download the .CSV file that's generated from the message trace to view the results.

As the Messaging administrator for Contoso, Holly Dickson wants to configure anti-malware policies. Where can Holly configure these policies? -In the Exchange Management Shell -In the Microsoft 365 Defender portal -In Exchange Online Protection

In the Exchange Management Shell - Anti-malware policies can be configured in either the Exchange admin center (EAC) or through PowerShell commands in the Exchange Management Shell (EMS).

As the Messaging administrator for Lucerne Publishing, Patti Fernandez wants to regain control of the organization's messaging data by eliminating the need for personal store (.pst) files. Which messaging compliance feature in Exchange Online should Patti configure to provide this functionality? -eDiscovery -In-place archiving -Retention policies

In-place archiving -In-place archiving helps you regain control of your organization's messaging data by eliminating the need for personal store (.pst) files and allowing users to store messages in an archive mailbox accessible in Outlook and Outlook on the web.

As the Messaging administrator for Contoso, Holly Dickson wants to configure Exchange Online Protection for Contoso's Exchange Server deployment. What must Holly do to configure EOP? -Configure Contoso's DNS MX record to point to Microsoft 365 -Install an EOP Send connector in the on-premises Exchange Server environment -Configure Contoso's DNS PTR records

Install an EOP Send connector in the on-premises Exchange Server environment - EOP requires only an EOP Send connector in an on-premises Exchange Server environment so that messages are sent to the EOP domain for scanning.

When journaling is implemented, what does the Journal agent do when a message matches a journal rule and is to be submitted to the journaling mailbox? -It generates a journal report and attaches the message to the report -It stores the email message in the archive mailbox -It sends an automatic email notification to the Compliance Manager that contains information from the original message

It generates a journal report and attaches the message to the report - A journal report is the message that the Journaling agent generates when a message matches a journal rule and is to be submitted to the journaling mailbox. The original message that matches the journal rule is included unaltered as an attachment to the journal report. The body of a journal report contains information from the original message such as the sender email address, message subject, message-ID, and recipient email addresses.

Contoso is experiencing a slowdown in mail delivery. Which of the following issues can be causing this problem? -Contoso installed a transport agent created by a third party -There are multiple sites with the same routing cost -Large numbers of DLP policies are deployed

Large numbers of DLP policies are deployed -Large numbers of DLP policies can slow down mail delivery. As such, you should only deploy the policies that your organization requires. You should also verify they're properly configured.

Which type of hold in Exchange Server is either enabled or disabled for a mailbox? -In-place hold -Litigation hold -Discovery hold

Litigation hold -Litigation Hold is either enabled or disabled for a mailbox. When Litigation Hold is enabled for a mailbox, all items in the mailbox are placed on hold.

Which source in the Application log includes information about Active Directory access, insufficient permissions, message tracking log corrupted, and the Transport Log Search service failing to start? -MSExchangeTransportLogSearch -MSExchange Messaging Policies -MSExchange Store Driver Delivery

MSExchangeTransportLogSearch -This source includes information about Active Directory access, insufficient permissions, message tracking log corrupted, and the Transport Log Search service failing to start.

As the Messaging administrator for Contoso, Holly Dickson wants to keep the company as secure as possible. Which of the following recommendations should Holly build in to the company's password policy to provide a secure password system? -Require character composition requirements within passwords, such as * & ^ % $ -Require mandatory periodic password resets for user accounts -Maintain an eight character minimum length requirement for passwords

Maintain an eight character minimum length requirement for passwords -One of the recommendations for keeping an organization as secure as possible is to maintain an eight character minimum length requirement for passwords. Remember, longer passwords aren't necessarily better.

What Microsoft 365 feature enables messaging administrators to follow email messages as they pass through Exchange Online Protection? -REST/OData Tenant Reporting web service -Message trace -Microsoft Remote Connectivity Analyzer

Message trace -The Microsoft 365 message trace feature enables messaging administrators to follow email messages as they pass through Exchange Online Protection. This feature can help you determine whether a targeted email message was received, rejected, deferred, or delivered by the service. It also shows what actions occurred to the message before it reached its final status

As the Messaging administrator for Contoso, Holly Dickson wants to investigate message tracking in Contoso's Exchange Online deployment. Which of the following features should Holly use for this investigation? -Message traces -Message tracking logs -Document fingerprinting

Message traces - The ability to investigate message tracking logs is only available in on-premises Exchange Server deployments. To investigate message tracking in Exchange Online, you must instead use Message traces.

Which Microsoft Exchange tool provides detailed message activity information as mail flows through the transport pipeline on Mailbox servers and Edge Transport servers? -Protocol logging -Message tracking logs -Telnet

Message tracking logs -Message tracking logs provide much more detailed information about message delivery than delivery reports. Message tracking records the message activity as mail flows through the transport pipeline on Mailbox servers and Edge Transport servers.

Holly Dickson is the Messaging administrator for Contoso. Holly suspects that a user can't send email to different users where email is sent over multiple connectors. What tool should Holly use to troubleshoot this issue? -Protocol logs -Message tracking logs -Event logs

Message tracking logs - Message tracking logs are used to analyze all message activity as mail flows through the transport pipeline on an Exchange server. If you suspect that a user can't send email to different users where email is sent over multiple connectors, then message tracking logs should be analyzed to troubleshoot the issue.

As the Messaging administrator for Contoso, Holly Dickson wants to create retention policies for Exchange Online, SharePoint Online, and Microsoft Teams. Where should Holly create these retention policies? -Microsoft 365 Defender portal -Exchange admin center -Microsoft Purview compliance portal

Microsoft Purview compliance portal - Retention Policies created in Microsoft Purview are usable across multiple services, such as Exchange Online, SharePoint Online, Teams, and so on. Retention policies created in the EAC are available in Exchange only.

Which of the following built-in user roles allows an end user to view and modify basic configuration and access settings for Outlook on the web? -MyDiagnostics -MyBaseOptions -MyProfileInformation

MyBaseOptions -This built-in role enables end users to view and modify basic configuration and access settings for Outlook on the web.

Contoso has implemented an Exchange Online deployment. What extra configuration must Contoso complete to enable Exchange Online Protection? -Run the Hybrid Configuration Wizard -Create connectors -No extra configuration is needed

No extra configuration is needed - When you register for Exchange Online or Microsoft 365, EOP is automatically applied to any message that is received or sent from your online tenant. No extra configuration is needed.

Fabrikam has an on-premises Exchange Server 2019 deployment. As the Messaging administrator for Fabrikam, Holly Spencer plans to create the connectors that connect Fabrikam's on-premises Exchange environment to EOP. Which connector should Holly create that acts as a Send connector for sending all outgoing mail to EOP? -On-premises connector -EOP outbound connector -EOP inbound connector

On-premises connector - This connector is a Send connector that sends all outgoing mail to EOP.

As the Messaging administrator for Contoso, Holly Dickson has discovered that several of the company's transport rules have conditions that overlap. What should Holly do to address this situation? -Modify the rules to only have one condition per rule -Modify the rules to eliminate any overlap of conditions -Order the rules properly

Order the rules properly - In many cases, you must apply several transport rules in your organization. If these transport rules have conditions that can overlap in some cases, it's important that you order them properly.

As the messaging administrator for Contoso, Holly Dickson is trying to determine how Exchange Server determines which routing path to use for message delivery at Contoso. The company's least-cost route includes multiple Active Directory sites. Which of the following scenarios describes how Exchange Server determines the AD site to use for delivery on the least-cost route? -Message delivery hops through each site -Other Active Directory sites on the least-cost path are only used if there's a delivery error Delivery groups can't span multiple Active Directory sites

Other Active Directory sites on the least-cost path are only used if there's a delivery error -After the least-cost route for message delivery has been selected, the Transport service in the source delivery group attempts to deliver the message directly to the destination delivery group. If the least-cost route includes multiple Active Directory sites, other Active Directory sites on the least-cost path are only used if there's a delivery error or the organization configured a modification.

Which message transport component can be configured to block automatic replies sent to SMTP domains that are external? -Foreign connectors -External relay domain -Remote domain

Remote domain - A remote domain can be configured to block automatic replies sent to SMTP domains that are external to your Exchange Server organization.

Which Safe Attachments option removes detected malware attachments and notifies recipients that attachments have been removed? -Block -Dynamic Delivery -Replace

Replace -This option removes detected malware attachments and notifies recipients that attachments have been removed. Messages that contain malicious attachments are quarantined.

As the Messaging administrator for Fabrikam, Holly Spencer wants to implement Messaging records management (MRM). What MRM feature will enable Holly to apply retention settings to an entire mailbox and default mailbox folders such as Inbox and Deleted Items? -Retention policies -The Managed Folder Assistant -Retention tags

Retention tags -MRM is accomplished using retention tags and retention policies. Retention tags are used to apply retention settings to an entire mailbox and default mailbox folders such as Inbox and Deleted Items. You can also create and deploy retention tags that Outlook and Outlook on the web users can use to apply to folders or individual messages.

The principles of retention define the order in which multiple retention policies are applied to content. What's the first principle of retention? -Retention wins over deletion -Longest retention period wins -Explicit inclusion wins over implicit inclusion

Retention wins over deletion -The first principle of inclusion that's applied to content is Retention wins over deletion. At the highest level, content being retained by one policy can't be permanently deleted by another policy.

Fabrikam has an Exchange Server 2019 on-premises environment. The company also has an Azure AD Premium Plan 1 subscription and a Microsoft 365 E3 tenant. As the company's Messaging administrator, Holly Spencer wanted to implement self-service password reset (SSPR) so that Fabrikam's users can reset their own passwords. However, Holly was unable to do so. What prevented Holly from implementing SSPR? -SSPR isn't available in Exchange Server on-premises environments -SSPR is only available with Microsoft 365 E5 subscriptions -SSPR is only available with Azure AD Premium Plan 2 subscriptions

SSPR isn't available in Exchange Server on-premises environments - SSPR is only available in Exchange Online and hybrid environments. It isn't available in Exchange Server on-premises environments.

As the Messaging administrator for Contoso, Holly Dickson wants to create a specific mailbox for the Sales department. Holly wants to create this mailbox so that members of the Sales department can access the messages directed to the department. This mailbox will enable the Sales department to centrally store, respond to, and manage messages. What recipient type should Holly create? -Distribution group -Linked mailbox -Shared mailbox

Shared mailbox - Shared mailboxes can be accessed by multiple users as an extra mailbox in Outlook. Team, department, or project mailboxes are used to centrally store, respond to, and manage messages. Organizations often use a shared mailbox to provide one specific mailbox for a dedicated group of people, such as sales, help desk, or general information requests.

Which of the following items is a free Microsoft offering that acts as a trust broker between two federated Exchange Server organizations? -The Azure AD authentication system -A Security Assertion Markup Language (SAML) delegation token -The Federated Trust wizard

The Azure AD authentication system - The Azure AD authentication system is an Azure-based service, which is a free Microsoft offering that acts as a trust broker between two federated Exchange Server organizations. Instead of establishing a direct trust as with forest trusts in Active Directory Domain Services (AD DS), you establish a trust between your Exchange server environment and the Azure AD authentication system.

Fabrikam has an Exchange Server deployment. As the Messaging administrator for Fabrikam, Holly Spencer is analyzing the tools that are available to help manage mail flow in Exchange. What tool provides the most detailed information about message delivery so that Holly can determine whether Fabrikam's mail flow is using the correct Exchange servers and connectors? -Queue viewer -Delivery reports -The Get-MessageTrackingLog cmdlet

The Get-MessageTrackingLog cmdlet - You can use message tracking to make sure the mail flow is using the correct Exchange servers and connectors. There's no graphical tool for viewing the message tracking logs. While delivery reports provide this information, Message tracking logs provide much more detailed information about message delivery than delivery reports. To view this information in message tracking logs, you use the Get-MessageTrackingLog cmdlet with filtering to identify the log events you wish to review.

Organizations that implement federated sharing must first configure a federation trust with what object? -The Microsoft Azure AD authentication system -The organization that you want to establish a federated trust with -Exchange Online or Exchange Server 2010 or higher

The Microsoft Azure AD authentication system - Federation refers to the underlying trust infrastructure that supports federated sharing. When you configure federation, you configure a federated trust with the Microsoft Azure AD authentication system.

Contoso has an on-premises Exchange Server deployment. As the Messaging administrator for Contoso, Holly Dickson disabled a user's archiving mailbox for troubleshooting purposes. What happens to the disabled archive mailbox when the deleted mailbox retention period is reached? -The contents of the disabled archive mailbox are removed -The disabled archive mailbox is purged from the mailbox database -The disabled archive mailbox is kept in the mailbox database

The disabled archive mailbox is purged from the mailbox database - In on-premises deployments, a disabled archive mailbox is kept in the mailbox database until the deleted mailbox retention period for that database is reached. During this period, you can reconnect the same disabled archive mailbox to a user's primary mailbox. When the deleted mailbox retention period is reached, the disconnected archive mailbox is purged from the mailbox database.

As the new Messaging administrator for Lucerne Publishing, Patti Fernandez has discovered that several mailboxes have mailbox items that never expire. Which of the following items may have caused this situation? -The mailboxes have multiple retention policies that have conflicting retention tags -The mailboxes have a retention policy that doesn't have retention tags linked to it -The Managed Folder Assistant wasn't scheduled

The mailboxes have a retention policy that doesn't have retention tags linked to it - Although retention tags don't need to be linked to a retention policy, this strategy isn't recommended. If mailboxes have a retention policy that doesn't have retention tags linked to it, this situation may cause mailbox items to never expire.

What's the next thing that happens after a message is received by the Transport service on a Mailbox server? -The message is categorized -The ultimate destination of the message is determined -Determine how to best reach the destination

The message is categorized - When a message is received by the Transport service on a Mailbox server, the message must be categorized. Categorization has multiple phases, the first of which is recipient resolution, then determining the destination, and finally determining the routing path.

Contoso's Exchange Server deployment has multiple routing paths, but they all have the same cost. When determining mail flow, what's the next option that Exchange uses to determine which routing path to use? -The path whose Active Directory site has the lowest alphanumeric name -The path with the lowest number of hops -The path whose Active Directory site has the largest maximum message size

The path with the lowest number of hops - In cases where there are multiple routing paths with the same cost, the path with the lowest number of hops is preferred.

As a best practice, what should the default role assignment policy contain? -The permissions that apply to the organization's broadest set of users -The Organization Management role group -The organization's default universal security group (USG)

The permissions that apply to the organization's broadest set of users - As a best practice, the default role assignment policy that an organization uses should contain the permissions that apply to its broadest set of users.

As the Messaging administrator for Lucerne Publishing, Patti Fernandez wants to prevent users from overloading the performance of the company's Exchange Server. To do this, Pattis wants Exchange Server to delay the user whenever they reach the configured limit for the defined time interval. What is this type of workload usage known as? -Maximum usage -Traffic shaping -Burst allowances

Traffic shaping - With traffic shaping, Exchange Server delays the user whenever a user reaches the configured limit for the defined time interval. This type of workload usage prevents users from overloading the performance of the server. Users' business tasks usually aren't affected because the delays are short and almost undetectable.

What's the highest level of split permissions? -The separation of Exchange management and Compliance management -The separation of Active Directory management and Azure Active Directory management -The separation of Exchange management and Active Directory management

The separation of Exchange management and Active Directory management -The highest level of split permissions is the separation of Exchange management and Active Directory management.

What does Exchange Server use to provide anti-spam protection? -Spam confidence levels -Transport agents -Anti-spam message headers

Transport agents - Exchange uses transport agents to provide anti-spam protection. The built-in agents that are available in Exchange Server are relatively unchanged from Exchange Server 2010. In modern Exchange deployments, configuration and management of these agents is available only in the Exchange Management Shell.

Which Safe Links feature combines elements of Safe Links and Safe Attachments into a single feature, whose purpose is to protect users in the event a link points to a malicious file on a web server? -Spoofing intelligence -Dynamic delivery -URL detonation

URL detonation - URL detonation combines elements of Safe Links and Safe Attachments into a single feature, whose purpose is to protect users in the event a link points to a malicious file on a web server. When a user selects a link to a file on a web server, the file is downloaded into the Safe Attachments sandbox environment and detonated.

Fabrikam has an Exchange Server 2019 deployment. As Fabrikam's Messaging administrator, Holly Spencer wants to implement outbound spam filtering. What must Holly do to provide outbound spam filtering in Fabrikam's Exchange Server deployment? -Configure spam filtering policies in the Microsoft 365 Defender portal -Configure spam filtering policies in the Exchange admin center -Use Exchange Online Protection

Use Exchange Online Protection - Outbound spam filtering isn't available in Exchange Server deployments without using Exchange Online Protection (EOP).

Patti Fernandez is the new Messaging administrator for Lucerne Publishing. After several managers changed jobs, Patti investigated Lucerne's permission management model and discovered that the previous administrator had assigned roles directly to users. As a result, Patti had to manually reassign those managers' roles to their replacements. Patti soon realized how inefficient and complex this process was. To avoid this situation in the future, what should Patti do to make it easier to manage role assignments and reduce the complexity of Lucerne's permission model? -Create new roles directly from scratch for each manager -Assign roles to a universal security group (USG) -Use role groups and role assignment policies to give permissions to users

Use role groups and role assignment policies to give permissions to users -While you can also assign roles directly to users, it increases the complexity of your permissions model. For this reason, it's recommended that you use role groups and role assignment policies to give permissions to your users. You can assign the roles to a role group or role assignment policy, and then just add or remove members of the role group or change role assignment policies as needed.

As the Messaging admin for Fabrikam, Holly Spencer wants to create a mailbox for Patti Fernandez. The mailbox will have Active Directory split permissions enabled. Holly began by creating a user account for Patti using Active Directory tools. What's the next step that Holly must complete? -Use the Exchange management tools to mailbox enable Patti's account -Configure Exchange permissions on Patti's account -Add Patti's account to the Mail Recipient role

Use the Exchange management tools to mailbox enable Patti's account -After creating Patti's user account using Active Directory tools, Holly must use the Exchange management tools to mailbox enable Patti's account.

As the Messaging admin for Lucerne Publishing, Patti Fernandez wants to create explicit assignment policies. How should Patti create these policies? -Using the Microsoft 365 Defender portal -Using the Exchange admin center (EAC) -Using the Exchange Management Shell (EMS)

Using the Exchange admin center (EAC) - You can only create explicit assignment policies using the EAC. If you want to create a new default assignment policy, you must use the Exchange Management Shell.

As the Message administrator for Fabrikam, Holly Spencer is considering whether to implement Safe Links. Which of the following tasks should Holly complete before deploying Safe Links at Fabrikam? -Verify Fabrikam has Microsoft Defender for Office 365 licensed -Verify that a default policy is in place that applies to selected domains -Review the order of the policies in the Exchange admin center

Verify Fabrikam has Microsoft Defender for Office 365 licensed - Holly should verify that Fabrikam has Microsoft Defender for Office 365 licensed Before implementing Safe Links.

Holly Spencer is Fabrikam's Messaging administrator. Fabrikam is experiencing issues in its Exchange Server deployment. SMTP mail flow is being inhibited, and messages have been getting stuck in the transport pipeline. Messages are also being rejected for exceeding the maximum message size. What should Holly troubleshoot that may be causing these issues? -Verify proper configuration of Fabrikam's send and receive connectors -Verify that port 110/TCP isn't restricted -Consider disabling the built-in malware agent in Exchange Server if Fabrikam has other software that conducts malware scanning on email

Verify proper configuration of Fabrikam's send and receive connectors - Receive and send connectors that are configured improperly can inhibit mail flow and cause messages to become stuck in the transport pipeline. Send and receive connectors can also be responsible for messages that are rejected for exceeding the maximum message size.

Contoso's Exchange Server environment is running workloads that have each type of available workload classification assigned. Because the resources used by each Exchange Server workload are highly used, Exchange Server has begun to progressively slow down the workloads. Which workloads will Exchange Server slow down first? -Workloads with an Internal Maintenance classification -Workloads with a Discretionary classification -Workloads with a Customer Expectation classification

Workloads with a Discretionary classification -If server resources are highly used, Exchange Server progressively slows down the lowest priority workloads. Priorities are defined by the classification assigned to each workload: Urgent, Customer Expectation, Internal Maintenance, and Discretionary. Urgent classification has the highest priority and Discretionary classification has the lowest priority. Because Contoso has resources running workloads with each type of classification, the Discretionary workloads are slowed down first.

Which role group enables members to conduct searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations? -eDiscovery Manager -Compliance Administrator -Compliance Data Administrator

eDiscovery Manager -The eDiscovery Manager role group enables members to conduct searches and place holds on mailboxes, SharePoint Online sites, and OneDrive for Business locations.

Mary is one of Contoso's regional Sales managers. Mary has asked Holly Dickson, the company's Messaging administrator, for permission to run searches and to preview and export search results in the Content Search page. What role group must Holly assign to Mary to provide this functionality? -Compliance Data Administrator -Compliance Administrator -eDiscovery Manager

eDiscovery Manager -You must be a member of the eDiscovery Manager role group in the Microsoft 365 Defender portal to run searches and to preview and export search results in the Content Search page. You don't have to assign other search permissions in Exchange Online.

Which Microsoft 365 feature can search across all Microsoft 365 services in a single, unified search operation? -eDiscovery hold -eDiscovery case -Litigation hold

eDiscovery case - This feature is available in theMicrosoft Purview compliance portal and serves the same purpose as eDiscovery hold, but with a different web interface. It also provides the ability to search across all Microsoft 365 services in a single, unified search operation.

As the Messaging administrator for Lucerne Publishing, Patti Fernandez is analyzing the company's mail flow configuration in its Exchange Server deployment. Which feature of Lucerne's Exchange deployment are the first to accept external messages and scan them for spam and malware? -perimeter servers -External mail servers -Mailbox servers

perimeter servers - The servers configured in your MX record are your perimeter servers that are the first to accept external messages and often scan them for spam and malware.