which two stores should you add the root CA certificate?

###BeginCaseStudy###
Case Study: 2
A.Datum
Overview
General Overview
A.Datum Corporation is a pet supply company that has stores across North America.
A.Datum has an Exchange Server 2007 organization. A. Datum plans to migrate to
Exchange Server 2013.
Physical Locations
A.Datum has five locations. The locations are configured as shown in the following table.

Existing Environment
Network Infrastructure
All of the locations connect to the each other by using a WAN link. The New York, Toronto,
and Chicago locations connect directly to the Internet.
All client computers run Windows 7 and Office 2010. All servers run Windows Server 2008.
Active Directory Environment
The network contains an Active Directory domain named adatum.local. Adatum.local is the
corporate domain based in the United States. The network contains a domain named
Canada.adatum.local. Canada.adatum.local is the domain for the stores in Canada.
Each location is configured as an Active Directory site.
The forest functional level is Windows Server 2008.
The main office and both of the distribution centers each has two domain controllers for their
respective domain. All of the other locations have one domain controller for their respective
domain. All of the domain controllers are global catalog servers.
Exchange Infrastructure
The main office and the distribution centers each have three servers that have Exchange
Server 2007 installed.
The servers have the following configurations:
• Two of the servers have cluster continuous replication (CCR) deployed
• One of the servers has the Client Access server role and the Hub
Transport server role installed
Each store contains a server that has Exchange Server 2007 installed. Each server has
mailboxes for active users and mailboxes for inactive users. Each server has approximately
50 mailboxes.
Remote users access Outlook Web Access by using a namespace of mail.adatum.com, which
resolves to the Client Access server in the New York office.
Requirements
Planned Changes
The company plans to implement the following changes:
• Migrate all of the mailboxes in the main office and the distribution
centers to Exchange Server 2013.
• Integrate a new telephone system to the Exchange Server 2013
organization.
• Deploy a standalone certification authority (CA) that will be used to
issue all of the certificates for the messaging infrastructure.
Technical Requirements

The company identifies the following technical requirements:
• Hardware costs must be minimized whenever possible.
• The impact on end users if a site fails must be minimized.
• Voice mail traffic between the telephone system and the Exchange
Server environment must be encrypted.
• Each user must be able to access the internal resources and their
mailbox by using a single user account.
Compliance Requirements
After a security review, the company identifies the following compliance requirements for
the new Exchange Server environment:
• All administrative changes made to the mailboxes must be tracked.
• The legal department must be able to search for messages in all of the
mailboxes.
• Users must be prevented from sending email during an upcoming
statutory holiday.
• All store managers must be prevented from permanently deleting email
messages from their Inbox.
• All email messages must be archived for a minimum of five years to
meet regulatory requirements.
• Management occasionally sends the staff internal memos that contain
confidential information, such as sales figures. The memos must be
protected so that unauthorized users cannot read the memos and
internal users cannot forward the memos to external recipients.
• The users in the research department must be able to send email to
anyone in the organization, but only the members of a group named
Execs must be able to send email to the research users. All other users
must be notified that email sent to the research users will remain
undelivered.
###EndCaseStudy###

You deploy a new certificate to a Client Access server.
You test the new certificate by using Outlook Anywhere from the Internet.
The test generates certificate errors.
You need to prevent the errors from reoccurring.
To which two stores should you add the root CA certificate? (Each correct answer presents part of
the solution. Choose two.)

###BeginCaseStudy###
Case Study: 2
A.Datum
Overview
General Overview
A.Datum Corporation is a pet supply company that has stores across North America.
A.Datum has an Exchange Server 2007 organization. A. Datum plans to migrate to
Exchange Server 2013.
Physical Locations
A.Datum has five locations. The locations are configured as shown in the following table.

Existing Environment
Network Infrastructure
All of the locations connect to the each other by using a WAN link. The New York, Toronto,
and Chicago locations connect directly to the Internet.
All client computers run Windows 7 and Office 2010. All servers run Windows Server 2008.
Active Directory Environment
The network contains an Active Directory domain named adatum.local. Adatum.local is the
corporate domain based in the United States. The network contains a domain named
Canada.adatum.local. Canada.adatum.local is the domain for the stores in Canada.
Each location is configured as an Active Directory site.
The forest functional level is Windows Server 2008.
The main office and both of the distribution centers each has two domain controllers for their
respective domain. All of the other locations have one domain controller for their respective
domain. All of the domain controllers are global catalog servers.
Exchange Infrastructure
The main office and the distribution centers each have three servers that have Exchange
Server 2007 installed.
The servers have the following configurations:
• Two of the servers have cluster continuous replication (CCR) deployed
• One of the servers has the Client Access server role and the Hub
Transport server role installed
Each store contains a server that has Exchange Server 2007 installed. Each server has
mailboxes for active users and mailboxes for inactive users. Each server has approximately
50 mailboxes.
Remote users access Outlook Web Access by using a namespace of mail.adatum.com, which
resolves to the Client Access server in the New York office.
Requirements
Planned Changes
The company plans to implement the following changes:
• Migrate all of the mailboxes in the main office and the distribution
centers to Exchange Server 2013.
• Integrate a new telephone system to the Exchange Server 2013
organization.
• Deploy a standalone certification authority (CA) that will be used to
issue all of the certificates for the messaging infrastructure.
Technical Requirements

The company identifies the following technical requirements:
• Hardware costs must be minimized whenever possible.
• The impact on end users if a site fails must be minimized.
• Voice mail traffic between the telephone system and the Exchange
Server environment must be encrypted.
• Each user must be able to access the internal resources and their
mailbox by using a single user account.
Compliance Requirements
After a security review, the company identifies the following compliance requirements for
the new Exchange Server environment:
• All administrative changes made to the mailboxes must be tracked.
• The legal department must be able to search for messages in all of the
mailboxes.
• Users must be prevented from sending email during an upcoming
statutory holiday.
• All store managers must be prevented from permanently deleting email
messages from their Inbox.
• All email messages must be archived for a minimum of five years to
meet regulatory requirements.
• Management occasionally sends the staff internal memos that contain
confidential information, such as sales figures. The memos must be
protected so that unauthorized users cannot read the memos and
internal users cannot forward the memos to external recipients.
• The users in the research department must be able to send email to
anyone in the organization, but only the members of a group named
Execs must be able to send email to the research users. All other users
must be notified that email sent to the research users will remain
undelivered.
###EndCaseStudy###

You deploy a new certificate to a Client Access server.
You test the new certificate by using Outlook Anywhere from the Internet.
The test generates certificate errors.
You need to prevent the errors from reoccurring.
To which two stores should you add the root CA certificate? (Each correct answer presents part of
the solution. Choose two.)

A.
the personal store on the client computers

B.
the personal store on the Client Access server

C.
the personal store on the Mailbox servers

D.
the Trusted Root Certification Authorities store on the client computers

E.
the Trusted Root Certification Authorities store on the Client Access server

F.
the Trusted Root Certification Authorities store on the Mailbox servers

Explanation:
D: Outlook Anywhere won’t work with a self-signed certificate on the Client Access server. Selfsigned certificates must be manually copied to the trusted root certificate store on the client
computer or mobile device. When a client connects to a server over SSL and the server presents a
self-signed certificate, the client will be prompted to verify that the certificate was issued by a
trusted authority. The client must explicitly trust the issuing authority. If the client confirms the
trust, then SSL communications can continue.
E: If you are providing external access to Autodiscover by using Outlook Anywhere you must install a
valid SSL certificate on the Client Access server.



Leave a Reply 0

Your email address will not be published. Required fields are marked *