Which three actions should you perform?

Your network contains an Active Directory forest named contoso.com. The forest contains an enterprise root
certification authority (CA) named CA1. The network contains a server named EX1 that has Exchange Server2013 installed.
A partner company named A. Datum Corporation has an Active Directory domain named adatum.com. The
domain contains a server named EX5 that has Exchange Server 2010 Service Pack 2 (SP2) installed. EX5 has
a Receive connector that is configured for mutual TLS.
Users in contoso.com plan to send email messages that contain sensitive data to users in adatum.com.
You need to ensure that all of the email messages sent from contoso.com to adatum.com are encrypted by
using TLS. The solution must ensure that EX1 and EX5 validate server certificates.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

Your network contains an Active Directory forest named contoso.com. The forest contains an enterprise root
certification authority (CA) named CA1. The network contains a server named EX1 that has Exchange Server2013 installed.
A partner company named A. Datum Corporation has an Active Directory domain named adatum.com. The
domain contains a server named EX5 that has Exchange Server 2010 Service Pack 2 (SP2) installed. EX5 has
a Receive connector that is configured for mutual TLS.
Users in contoso.com plan to send email messages that contain sensitive data to users in adatum.com.
You need to ensure that all of the email messages sent from contoso.com to adatum.com are encrypted by
using TLS. The solution must ensure that EX1 and EX5 validate server certificates.
Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)

A.
Run the set-transportconfig -tlssenddomainsecurelist contoso.com command.

B.
Install a certificate, and then assign the certificate to the IIS service. Send the root certificate for
contoso.com to the administrators in adatum.com.

C.
Run the New-SendConnector cmdlet and specify the domainsecureenabled parameter.

D.
Run the New-SendConnector cmdlet and specify the tlsdomainparameter.

E.
Run the set-transportconfig -tlssenddomainsecurelist adatum.com command.

F.
Install a certificate, and then assign the certificate to the SMTP service. Send the root certificate for
contoso.com to the administrators in adatum.com.

Explanation:
A: Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole Exchange
organization.
TheTLSSendDomainSecureListparameter specifies the domains from which you want to send domain
secured email by using mutual TLS authentication.
In this scenario we send from EX1 in the contoso.com domain.
D: Need to create a new send connector.
The TlsDomain parameter specifies the domain name that the Send connector uses to verify the FQDN of the
target certificate when establishing a TLS secured connection.
F: A new certificate is needed for the SMTP service.
Set-TransportConfig: Exchange 2013 Help



Leave a Reply 0

Your email address will not be published. Required fields are marked *