###BeginCaseStudy###
Case Study: 4
Trey Research
Overview
General Overview
Trey Research is a brokerage firm that has 5,000 users. Trey Research has a finance
department, a human resources department, an investment department, and a legal
department.
Trey Research is acquiring a partner company named Fabrikam, Inc.
Physical Locations
Trey Research has four main offices located in Boston, Chicago, New York, and Atlanta. The
offices connect to each other by using a WAN link. The Chicago office connects directly to
the Internet.
Existing Environment
Network Environment
Trey Research has an Active Directory forest named treyresearch.com. The forest contains a
single domain. All domain controllers run Windows Server 2012.
Each office is configured as an Active Directory site.
All user accounts are in an organizational unit (OU) based on their department. All users are
in a universal security group based on their department.
Trey Research has a Lync Server 2013 infrastructure. The infrastructure is configured to
required encryption for voice traffic.
Exchange Server Organization
Trey Research has an Exchange Server organization that contains five servers. The servers
are configured as shown in the following table.
The mailbox databases are mounted on the Exchange servers shown in the following table.
All of the mailboxes of the users in the executives department are mounted on DB3.
A public folder database named PF1 is mounted on EX5.
The Exchange Server organization has the following configurations:
• Users in the legal department use a shared
mailbox named Legal. Legal is enabled for InPlace Hold. Legal is the only mailbox on DB2.
• All inbound and outbound email messages to
and from the Internet are routed through EX1.
• Email messages sent and received by Fabrikam
are secured by using Mutual TLS.
• All public folders are stored in PF1.
All users connect to their mailbox by using Microsoft Outlook 2013 and Outlook Web App.
Fabrikam has an Exchange Server 2013 organization.
Problem Statements
Trey Research identifies the following issues:
• After a change to a certificate, users report that
email messages sent to Fabrikam are not
delivered.
• The storage for DB3 fails. The storage will be
offline for the next two days.
Requirements
Planned Changes
Trey Research plans to implement the following changes:
• Move all public folders to an Exchange Server
2013 server. The solution must ensure that all
users cannot modify the public folders stored on
EX5 after the planned move.
• Integrate Unified Messaging (UM) services with
the Lync Server 2013 infrastructure.
Collaboration Requirements
Custom recipient MailTips created in the Exchange Server organization of Trey Research
must be visible to the users at Fabrikam. The solution must ensure that administrators can
define a subset of users who can share their MailTips.
Auditing Requirements
The following actions must be audited for actions in the Legal mailbox only:
• Delegate – Purge mailbox content
• Delegate – Transfer file between folders
• Administrator – Messages sent by administrator
• Administrator – Open any content within the
mailbox
Security Requirements
Trey Research identifies the following security requirements:
• Ensure that the users in the finance department
can protect email messages from being altered in
transit, regardless of the recipient.
• Prevent the email messages sent to the users in
the human resources department from being
forwarded to external recipients.
• Prevent the audio files in voice mail message
marked as Private from being extracted from
email messages.
• Redirect email messages that contain social
security information to the legal department.
Compliance Requirements
Trey Research identifies the following compliance requirements:
• All users must be notified before they send an
email message that contains any five bank
account numbers to an external recipient. The
users must be able to override the requirement if
they have a valid business reason to send the
email message.
• Users must use a custom message classification
when they send email messages that contain
information about the planned acquisition of
Fabrikam.
• Only the users in the legal department must be
able to use eDiscovery to view the contents of
email messages sent by the finance department
users.
###EndCaseStudy###
You need to implement a solution that meets the compliance requirements for the members of the
legal department.
Which two cmdlets should you use? (Each correct answer presents part of the solution. Choose two.)
A.
New-RoleAssignmentPolicy
B.
Add-ManagementRoleEntry
C.
New-ManagementRoleAssignment
D.
New-ManagementRole
E.
New-ManagementScope
Explanation:
* From scenario:/ Only the users in the legal department must be able to use eDiscovery to view the contents of
email messages sent by the finance department users.
/ Users in the legal department use a shared mailbox named Legal. Legal is enabled for In-Place Hold.
Legal is the only mailbox on DB2.
We need to assign the role to the legal department users using the NewManagementRoleAssignment cmdlet.
To restrict the eDiscovery access to the finance users emails, we need to create a scope using the
New-ManagementScope cmdlet.
C & E
The explanation also says C and E.
The explanation is not correct, it must be C and D because with New-ManagementRoleAssigment you can specify the scope where the distribution group or security group will reach their permissions and by recomendation you should create a role based on a built-in parent group as the discovery management group and use that role with the managementroleassigment.
https://technet.microsoft.com/en-us/library/dd335193(v=exchg.160).aspx
“Only the users in the legal department” –E– If you want to apply a role to a subset of the objects, define the scope as part of the role or create new scope.
After you create a regular or <> scope, you need to associate the scope with a management role assignment. To associate a scope with a role assignment, use the New-ManagementRoleAssignment cmdlet.
https://technet.microsoft.com/en-us/library/dd335137(v=exchg.150).aspx
* >>EXCLUSIVE<<