QUESTION 51
Your company contains an internal network and a perimeter network. The internal network
contains an Active Directory forest. The company has a single domain.
You plan to deploy 10 Edge Transport servers on the perimeter network.
You need to recommend a solution for the Edge Transport server deployment. The solution must meet the following requirements:
- Allow administrators to apply a single security policy to all Edge Transport servers
- Reduce the Administrative overhead that is required to manage servers
- Minimize the attack surface of the internal network
What should you recommend?
A. Implement Network Policy and Access Services (NPAS).
B. Implement Active Directory Federation Services (AD FS).
C. Create a new Active Directory domain in the internal forest and then join all Edge Transport servers
to the new domain.
D. Create an Active Directory forest in the perimeter network and then join all Edge Transport servers
to the new domain.
Answer: A
QUESTION 52
You have an Exchange Server 2010 organization.
Your company’s compliance policy states that the following occurs when a user leaves the company:
- The user account is disabled
- The user account and mailbox are deleted after six months
- All e-mail messages in the mailbox are retained for three years
You need to recommend a solution to retain the e-mail messages of users who leave the company.
The solution must meet the following requirements:
- Ensure that a group named Group1 can manage the process
- Minimize disk space required to store the mailbox database
What should you recommend?
A. Assign the Mailbox Search management role to Group1 and then create a retention policy.
B. Assign the Mailbox Search management role to Group1 and then create a managed folder mailbox
policy.
C. Assign the Mailbox Import Export management role to Group1 and then configure Personal Archives
for each mailbox.
D. Assign the Mailbox Import Export management role to Group1 and then instruct Group1 to export
mailboxes to personal folder (.pst) files.
Answer: D
QUESTION 53
Your network consists of a windows Server 2003 Active Directory forest that contains a windows Server 2003 enterprise certification authority (CA).
You have an Exchange Server 2003 organization.
Users access their mailboxes by using Windows Mobile 5.0 and Windows Mobile 6.1 devices.
You plan to transition the organization to Exchange Server 2010.
You need to plan a certificate solution for the Exchange Server 2010 deployment. The solution must minimize the amount of effort required to connect all mobile devices to the organization.
What should you include in the plan?
A. Create a self-signed certificate and install it on the Client Access server.
B. Obtain a wildcard certificate from a trusted third-party CA and install it on the Client Access server.
C. From an internal CA obtain a certificate that contains multiple names and install it on the Client Access
server.
D. From a trusted third-party CA obtain a certificate that contains multiple names and install it on the Client
Access server.
Answer: D
QUESTION 54
You have an Exchange 2010 organization.
Your company’s security policy states that all connections to Outlook Web App (OWA) must use smart card authentication.
You need to recommend a solution to meet the security policy requirements.
Which two possible ways to achieve this goal should you recommend? (Each correct answer presents a complete solution. Choose two.)
A. Require certificate-based authentication for all Internet-facing Client Access servers.
B. Require Windows Integrated Authentication for all Internet-facing Client Access servers.
C. Deploy an Edge Transport server and then disable Windows Integrated Authentication.
D. Deploy a server that runs Microsoft Internet Security and Acceleration (ISA) Server and enable
Kerberos constrained delegation.
Answer: AD
QUESTION 55
You have an Active Directory domain named contoso.local.
You plan to deploy an Exchange Server 2010 organization that will contain the following server:
- Two Edge Transport servers named Edge1.contoso.com and Edge2.contoso.com
- Two Hub Transport servers named hub1.contoso.local and hub2.contoso.local
You need to design a solution that ensures that e-mail messages from the Internet can be delivered to internal recipients if a single Edge Transport server fails.
What should you include in the design?
A. two Remote Domains
B. two SRV resource records
C. two EdgeSync Subscriptions
D. two mail exchange (MX) records
Answer: D
QUESTION 56
You have Exchange Server 2003 organization. The organization contains a front end server named FE1 and a back end server accessible from the Internet by using mail.contoso.com.
You plan to transition the organization to Exchange Server 2010.
You will deploy a Mailbox server named MIX1 and a Client Access server named CAS1. Users will access Outlook Web Access and Outlook Web App (OWA) by using the URL. https://mail.contoso.com.
You need to recommend a DNS configuration for the external name of mail.contoso.com.
Which server should be associated with the name mail.contoso.com?
A. BE1
B. CAS1
C. FE1
D. MIX1
Answer: B
QUESTION 57
You have an Exchange Server 2010 organization. Your network is separated from the Internet by a firewall.
You need to identify the ports that must be opened on the firewall to allow clients from the Internet to use the following connections:
- Outlook Anywhere
- Outlook Web App (OWA)
- Exchange ActiveSync
- IMAP4 over Secure Sockets Layer (SSL)
Which TCP ports should you identify?
A. 25, 443 and 993
B. 26, 443 and 995
C. 25, 80, 143 and 3269
D. 80, 143, 443 and 389
Answer: A
QUESTION 58
You have an Exchange Server 2010 Hub Transport server named Hub1.
You install an application on a third-party server named Server1.
You discover that the application cannot authenticate to remote servers.
You need to ensure that the application can relay e-mail messages by using Hub1.
What should you do?
A. Create a new Send connector
Add the TCP/IP address of Server1 to the Send connector Modify the permissions for the
Send connector
B. Create a new Receive connector
Add the TCP/IP address of Server1 to the Receive connector Modify the permissions for the
Receive connector
C. Add the TCP/IP address of Server1 to the default Receive connector Create a message classification
Create a transport rule
Add the TCP/IP address of Server1 to the Client Receive connector
D. Create a remote domain
E. Create a transport rule
Answer: B
QUESTION 59
You have an Exchange Server 2010 organization that contains two Client Access servers.
You deploy a Microsoft Internet Security and Acceleration (ISA) Server.
You need to recommend a high availability solution for the Client Access servers. The solution must meet the following requirements:
- Ensure that Outlook Web App (OWA) connections are available if a single Client Access server fails
- Ensure that client access services are available if a single service fails on a Client Access server
What should you recommend?
A. Deploy a hardware load balancer.
B. Deploy Windows Network Load Balancing.
C. Publish each Client Access server in a separate publishing rule.
D. Publish both Client Access servers in a single publishing rule as a Web server farm.
Answer: D
QUESTION 60
You have an Exchange Server 2010 organization.
Your company acquires two companies named Contoso, Ltd and N—- Traders.
You need to ensure that users from Contoso have only contoso.com e-mail addresses and users from Northwind Traders have only traders.com e-mail addresses.
What should you create and configure?
A. two accepted domains and two e-mail address policies
B. two remote domains and two accepted domains
C. two transport rules and two address remote entries
D. two Receive connectors and two address lists
Answer: A
Free Download Pass4sure Microsoft 70-663 Exam Question with PDF & VCE
