You plan to deploy an Exchange Server 2013 organization. You need to recommend a solution to
ensure that a user named User1 can access email messages by using Exchange ActiveSync on an
Android device. The solution must prevent all other users from using Android devices to access email
by using Exchange ActiveSync. What should you recommend doing first?
A.
Run the Set-CasMailbox cmdlet.
B.
Create a device access rule.
C.
Modify the Quarantine Notification settings.
D.
Create a mobile device mailbox policy.
Explanation:
Access the Allow/Block/Quarantine rulesNOT A
Use the Set-CASMailbox cmdlet to set attributes related to client access for Microsoft Exchange
ActiveSync, Microsoft Office Outlook Web App, POP3, and IMAP4 for a specified user.
The Set-CASMailbox cmdlet operates on one mailbox at a time. You can configure properties for
Outlook Web App, Exchange ActiveSync, POP3, and IMAP4 by using this cmdlet. You can configure a
single property or multiple properties by using one statement.
Need to create a rule to allow a particular user to use Exchange ActiveSync on an Android device.
NOT C
Can allow or block access for all users.
Quarantine all uses and then selectively allow the users access.
A new device rule is a better way of managing the problem.NOT D
Need a policy for a single user.
In Microsoft Exchange Server 2013, you can create mobile device mailbox policies to apply a
common set of policies or security settings to a collection of users. After you deploy Exchange
ActiveSync in your Exchange 2013 organization, you can create new mobile device mailbox policies
or modify existing policies. When you install Exchange 2013, a default mobile device mailbox policy
is created. All users are automatically assigned this default mobile device mailbox policy.
Let me start by saying this is a horrid question…
I believe B is wrong.
A is the correct answer based on “Personal exemptions can be created by using the Set-CASMailbox cmdlet or the Exchange Control Panel (ECP).” from here:
https://technet.microsoft.com/en-us/library/Ff959225(v=EXCHG.141).aspx
A the command would look like this =
Set-CASMailbox -ActiveSyncAllowedDeviceIDs Android
https://technet.microsoft.com/en-us/library/Bb125264(v=EXCHG.150).aspx
**Stop reading unless you need more facts to believe my answer, because the rest could confuse you**
B the command would look like this =
New-ActiveSyncDeviceAccessRule -Characteristic UserAgent -QueryString Android
It would work but I don’t think this is the correct answer because it would allow anyone who has the allow device to activesync it rather than just User1
C can be eliminated off the bat because it lists Notification settings. Although the best/easiest way to get the device ID is from the use of Quarantine.
D the command would look like this =
New-MobileDeviceMailboxPolicy -Name:”Default” -AllowPOPIMAPEmail:$false
New-MobileDeviceMailboxPolicy -Name:”User1″ -AllowPOPIMAPEmail:$true
https://technet.microsoft.com/en-us/library/Dd876923(v=EXCHG.150).aspx
Set-CASMailbox -Identity [email protected] -ActiveSyncMailboxPolicy “User1”
https://technet.microsoft.com/en-us/library/aa997929(v=exchg.150).aspx
It would also work, and it would only be for User1, but I don’t think it’s the solution that Microsoft wants. Also the answer doesn’t mention that you would need to also associate the policy to User1, it just says create the policy.
So like I said, horrid question…
IT is B
“What should you recommend doing first?”
Create device access rules that quarantine android…
and next can allow this one device to access
Here are a few of the web sites we advocate for our visitors.