Which ports should you identify?

DRAG DROP
###BeginCaseStudy###
Case Study: 1
Fabrikam, Inc
Overview
General Overview
Fabrikam, Inc., is a plastics manufacturer. Fabrikam has an Exchange Server organization
that contains only servers that have Exchange Server 2013 installed.
Physical Locations
Fabrikam has two main offices. The main offices are located in Tampa and Charlotte. The
company has 8,000 users in each office.
Existing Environment

Active Directory Environment
Fabrikam has an Active Directory forest that contains one domain named fabrikam.com.
Each office is configured as an Active Directory site. The network contains four subnets. The
subnets are configured as shown in the following table.

All of the traffic from Subnet1 is routable to Subnet3. All of the traffic from Subnet2 is
routable to Subnet4. All client computers are on Subnet1 and Subnet3 only. Subnet
192.168.1.0/24 and subnet 192.168.10.0/24 are assigned as the MAPI network. The network
contains four domain controllers. The domain controllers are configured as shown in the
following table.

Network Infrastructure
The network contains the following components:
• Two 10-gigabits per second WAN links that connect the Tampa office and the
Charlotte office. The links have a latency of less than 15 ms.
• One IP-PBX that is located in the Tampa office. The IP-PBX can use only
unencrypted communications.
• An Internet connection in the Tampa office and an Internet connection in the Charlotte
office.
Exchange Environment
The network contains six servers that have Exchange Server 2013 installed. The servers are
configured as shown in the following table.

The Exchange Server environment has the following configurations:
• Two data loss prevention (DLP) policies named DLP_Finance and DLP_PII.
DLP_Finance is based on a template named Financial Data – U.S. DLP_PII is based on a
template named PII (U.S.).
• A mailbox database named UM that hosts only Unified Messaging (UM)-enabled
mailboxes and is replicated between the Mailbox servers in the Tampa office only.
• A database availability group (DAG) named DAG1 that contains EX2, EX3, EX5,
and EX6. DAG1 is configured to use DHCP to obtain an IP address.
• A Send connector named Tampa SMTP that uses SMTP1 as a smart host. The cost of
the Tampa SMTP connector is 10.
• Mailbox servers in the Tampa office that provide outbound SMTP services to the
Internet.
• A UM dial plan named UMl.
• An SMTP relay device named SMTP2 in the Charlotte office.
• An SMTP relay device named SMTP1 in the Tampa office.
• No client access services are published to the Internet.
Requirements
Exchange Server Issues
The current Exchange Server environment has the following issues:
• Due to power failures, the Exchange servers unexpectedly fail, causing databases to
fail over. During the database failovers, the preferred database is not activated, causing an
unexpected distribution of active databases.
• An IRM template named No Print or Screenshot is deployed, but the template fails to
prevent users from taking screenshots of email messages.
Technical Requirements
You identify the following technical requirements:
• Assign a static IP address to DAG1.
• Block all personally identifiable information (PII) data and financial data without
exception.
• Prevent the forwarding of email messages sent by users who have a value of Legal in
their Department field.
• Ensure that the members of a group named HR1 can search all of the mailboxes for
sensitive email content.

• Use Information Rights Management (IRM) to protect all of the voice mails left for
the telephone number of the human resource (HR) department.
• Implement an archiving policy that moves all of the email messages from the mailbox
folders to an Archive mailbox after 30 days and permanently deletes all of the email
messages after 365 days.
###EndCaseStudy###

The security department implements a new firewall between the IP-PBX system and the
servers in the Tampa office. You discover that SIP sessions cannot be established between
the IP-PBX and EX1. You need to identify which ports must be opened between the IP-PBX
and the Exchange Server 2013 servers. Which ports should you identify?
To answer, drag the appropriate port or ports to the correct group of servers in the answer
area. Each port or ports may be used once, more than once, or not at all. Additionally, you
may need to drag the split bar between panes or scroll to view content.

Answer:

Explanation:

Client Access servers:
Box 1: TCP 5060
Mailbox servers:
Box 1: TCP 5060
Box 2: TCP 5065
Box 3: UDP 1024 to 65535
Note:
* You can configure the TCP port that’s used to listen for Session Initiation Protocol (SIP)
requests on a Unified Messaging (UM) IP gateway. By default, when you create a UM IP
gateway, the TCP SIP listening port number is set to 5060.
* The Microsoft Exchange Unified Messaging service and the UM worker process use
multiple Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) service
ports to communicate with IP gateways. The Microsoft Exchange Unified Messaging service
and the UM worker process use Session Initiation Protocol (SIP) over TCP. By default, the
Microsoft Exchange Unified Messaging service listens on both TCP port 5060 in Unsecured
mode and TCP port 5061 when mutual Transport Layer Security (mutual TLS) is used. Each
UM worker process that’s created listens on ports 5065 and 5067 (unsecured) and 5066 and
5068 (secured). When an IP gateway or IP PBX sends Real-time Transport Protocol (RTP)
traffic to the Speech Engine service worker process, it uses a valid UDP port in the range
1024 through 65535.
Reference: Exchange 2013, Configure the Listening Port
Reference: Overview of Unified Messaging
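
An added example (not part of the original page or of any Microsoft tooling): a first-match firewall audit that checks a rule list against the ports in the answer above and reports which flows from the IP-PBX remain blocked. The addresses, both rule sets, and the role of EX1 as a Client Access server are assumptions made for the illustration.

```python
from ipaddress import ip_address, ip_network

# Ports per server role, copied from the answer on this page.
REQUIRED = {
    "CAS": [("tcp", 5060, 5060)],
    "MBX": [("tcp", 5060, 5060), ("tcp", 5065, 5065), ("udp", 1024, 65535)],
}

# Constructed addresses (documentation range). EX2 is a DAG1 member, so a
# Mailbox server; treating EX1 as a Client Access server is an assumption.
PBX = "192.0.2.10"
SERVERS = {"EX1": ("CAS", "192.0.2.21"), "EX2": ("MBX", "192.0.2.22")}

# Constructed rule sets: (action, protocol, source, destination, low, high).
# TOO_NARROW opens SIP on 5060 and only part of the UDP range.
TOO_NARROW = [
    ("allow", "tcp", "192.0.2.10/32", "192.0.2.0/24", 5060, 5060),
    ("allow", "udp", "192.0.2.10/32", "192.0.2.0/24", 16384, 32767),
]
# SCOPED opens every required flow, but only from the IP-PBX to the one
# server that needs it, so the wide UDP range is not exposed to other hosts.
SCOPED = [
    ("allow", "tcp", "192.0.2.10/32", "192.0.2.21/32", 5060, 5060),
    ("allow", "tcp", "192.0.2.10/32", "192.0.2.22/32", 5060, 5060),
    ("allow", "tcp", "192.0.2.10/32", "192.0.2.22/32", 5065, 5065),
    ("allow", "udp", "192.0.2.10/32", "192.0.2.22/32", 1024, 65535),
]

def decide(parsed, proto, src, dst, port):
    """First matching rule wins; traffic matching no rule is denied."""
    for action, r_proto, r_src, r_dst, low, high in parsed:
        if r_proto == proto and low <= port <= high and src in r_src and dst in r_dst:
            return action
    return "deny"

def blocked_flows(rules, pbx=PBX, servers=SERVERS):
    """List (server, protocol, first blocked port, blocked port count)."""
    parsed = [(a, p, ip_network(s), ip_network(d), lo, hi) for a, p, s, d, lo, hi in rules]
    src, findings = ip_address(pbx), []
    for name, (role, addr) in servers.items():
        dst = ip_address(addr)
        for proto, low, high in REQUIRED[role]:
            bad = [port for port in range(low, high + 1)
                   if decide(parsed, proto, src, dst, port) != "allow"]
            if bad:
                findings.append((name, proto, bad[0], len(bad)))
    return findings

if __name__ == "__main__":
    print(blocked_flows(TOO_NARROW), blocked_flows(SCOPED))
```
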



Ty

CAS: TCP/5060

MBX: TCP/5065
TCP/5067
TCP/1024-65536

kuifje

Right, 5060 is only for communicating with CAS servers

kuifje

I agree with Ty

galo

I had this question on the original exam. Crazy how the answer possibilities provided do not match these… :S