What should you do?

You are an Exchange administrator for your company. The Exchange organization contains an Exchange Server 2003 computer named OWA1.
OWA1 is configured as a front-end server that hosts only Microsoft Outlook Web Access. A firewall is configured to reverse proxy HTTP requests to OWA1. All users access OWA1 from the Internet.
Several internal e-mail messages are intercepted from OWA1 by unauthorized users. To improve security, another administrator reconfigures OWA to accept SSL connections.
The administrator successfully tests the new configuration by connecting to OWA1 from the internal network. However, users report that they cannot connect to OWA1 by using a secure connection.
They can still establish a nonsecure connection.
You need to ensure that all users can establish secure connections to OWA1.
What should you do?

You are an Exchange administrator for your company. The Exchange organization contains an Exchange Server 2003 computer named OWA1.
OWA1 is configured as a front-end server that hosts only Microsoft Outlook Web Access. A firewall is configured to reverse proxy HTTP requests to OWA1. All users access OWA1 from the Internet.
Several internal e-mail messages are intercepted from OWA1 by unauthorized users. To improve security, another administrator reconfigures OWA to accept SSL connections.
The administrator successfully tests the new configuration by connecting to OWA1 from the internal network. However, users report that they cannot connect to OWA1 by using a secure connection.
They can still establish a nonsecure connection.
You need to ensure that all users can establish secure connections to OWA1.
What should you do?

A.
Configure the firewall to block incoming HTTP traffic.

B.
Configure the firewall to allow HTTPS traffic to pass from the Internet to OWA1.

C.
Configure OWA1 to use IPSec to secure communications between OWA1 and the firewall.

D.
Configure OWA1 to trust the certification authority (CA) that issued the SSL certificate.

Explanation:

Since the administrator was able to successfully test the connection, it must be assumed
that he was able to connect via HTTPS. This is proof that the SSL configuration is
correct. All that needs to be done is to allow HTTPS traffic from the internet.
Incorrect Answers:
A. Blocking HTTP traffic has nothing to do with allowing HTTPS traffic to pass.
C. Using IPSec is not needed since SSL has been implemented, and will not help remote
users to connect.
D. The trust of the CA must already be in place on the server since the administrator was
able to connect successfully. If OWA1 did not have this trust, the administrator’s test
would have failed.



Leave a Reply 0

Your email address will not be published. Required fields are marked *