###BeginCaseStudy###
Case Study: 1
Fabrikam, Inc
Overview
Fabrikam, Inc., is a pharmaceutical company located in Europe. The company has 5,000
users. The company is finalizing plans to deploy an Exchange Server 2013 organization.
The company has offices in Paris and Amsterdam.
Existing Environment
Active Directory Environment
The network contains an Active Directory domain named fabrikam.com. An Active Directory
site exists for each office.
Network Infrastructure
The roles and location of each server are configured as shown in the following table.
Client computers run either Windows 7 or Windows 8 and have Microsoft Office 2010 installed.
The Paris office uses the 192.168.1.0/24 IP range. The Amsterdam office uses the
192.168.2.0/24 IP range.
The offices connect to each other by using a high-speed, low-latency WAN link. Each office
has a 10-Mbps connection to the Internet.
Planned Exchange Infrastructure
The company plans to deploy five servers that run Exchange Server. The servers will be
configured as shown in the following table.
The company plans to have mailbox databases replicated in database availability groups
(DAGs). The mailbox databases and DAGs will be configured as shown in the following table.
DAG1 will use FS1 as a file share witness. DAG2 will use FS3 as a file share witness.
You plan to create the following networks on each DAG:
• A dedicated replication network named DAGNET1
• A MAPI network named DAGNET2
All replication traffic will run on DAGNET1. All client connections will run on DAGNET2.
Client connections must never occur on DAGNET1. Replication traffic must only occur on
DAGNET2 if DAGNET1 is unavailable.
Each Exchange Server 2013 Mailbox server will be configured to have two network adapters.
The following two mailbox databases will not be replicated as part of the DAGs:
• A mailbox database named AccountingDB that is hosted on EX1
• A mailbox database named TempStaffDB that is hosted on EX4
EDGE1 will have an Edge Subscription configured, with both EX1 and EX2 as targets.
Requirements
Planned Changes
An external consultant reviews the Exchange Server 2013 deployment plan and identifies
the following areas of concern:
• The DAGs will not be monitored.
• Multiple Edge Transport servers are required to prevent the potential
for a single point of failure.
Technical Requirements
Fabrikam must meet the following technical requirements:
• Email must be evaluated for SPAM before the email enters the
internal network.
• Production system patching must minimize downtime to achieve the
highest possible service to users.
• Users must be able to use the Exchange Control Panel to
autonomously join and disjoin their department’s distribution lists.
• Users must be able to access all Internet-facing Exchange Server
services by using the names of mail.fabrikam.com and
autodiscover.fabrikam.com.
The company establishes a partnership with another company named A. Datum
Corporation. A. Datum uses the SMTP suffix adatum.com for all email addresses. Fabrikam
plans to exchange sensitive information with A. Datum and requires that the email
messages sent between the two companies be encrypted. The solution must use Domain
Security.
Users in the research and development (R&D) department must be able to view only the
mailboxes of the users in their department from Microsoft Outlook. The users in all of the
other departments must be prevented from viewing the mailboxes of the R&D users from
Outlook.
Administrators plan to produce HTML reports that contain information about recent status
changes to the mailbox databases.
Fabrikam is evaluating whether to abort its plan to implement an Exchange Server 2010
Edge Transport server and to implement a Client Access server in the Paris office instead.
The Client Access server will have anti-spam agents installed.
###EndCaseStudy###
An administrator recommends removing EDGE1 from the implementation plan and adding a new
Client Access server named CAS-8 instead. You need to identify which anti-spam feature will NOT be
available on CAS-8. Which anti-spam feature should you identify?
A.
Connection Filtering
B.
Sender Filtering
C.
Content Filtering
D.
Recipient Filtering
http://www.msexchange.org/articles-tutorials/exchange-server-2013/security-message-hygiene/anti-spam-and-anti-malware-protection-exchange-2013-part1.html
Edge server provides two more agents not available on a Mailbox server:
Connection Filtering agent: inspects the IP address of the remote server that is trying to send messages to determine what action, if any, to take on an inbound message. Connection filtering uses a variety of IP Block/Allow lists as well as IP Block/Allow List provider services to determine whether the connection from the specific IP should be blocked or allowed in the organization;
Attachment Filter agent: filters messages based on attachment file name, extension or MIME content type. Attachment filtering can be configured to block a message and its attachment, to strip the attachment and allow the message to pass through, or to silently delete the message and its attachment.