Which ports should you identify?

###BeginCaseStudy###

Testlet 1
Overview
General Overview
Fabrikam, Inc., is a plastics manufacturer.
Fabrikam has an Exchange Server organization that contains only servers that have Exchange Server 2013
installed.
Physical Locations
Fabrikam has two main offices. The main offices are located in Tampa and Charlotte. The company has 8, 000
users in each office.
Existing Environment
Active Directory Environment
Fabrikam has an Active Directory forest that contains one domain named fabrikam.com. Each office is
configured as an Active Directory site.
The network contains four subnets. The subnets are configured as shown in the following table.

All of the traffic from Subnet1 is routable to Subnet3. All of the traffic from Subnet2 is routable to Subnet4.
All client computers are on Subnet1 and Subnet3 only. Subnet 192.168.1.0/24 and subnet 192.168.10.0/24 are
assigned as the MAPI network.
The network contains four domain controllers. The domain controllers are configured as shown in the following
table.

Network Infrastructure
The network contains the following components:
Two 10-gigabits per second WAN links that connect the Tampa office and the Charlotte office. The links
have a latency of less than 15 ms.
One IP-PBX that is located in the Tampa office. The IP-PBX can use only unencrypted communications.
An Internet connection in the Tampa office and an Internet connection the Charlotte office.
Exchange EnvironmentThe network contains six servers that have Exchange Server 2013 installed. The servers are configured as
shown in the following table.

The Exchange Server environment has the following configurations:
Two data loss prevention (DLP) policies named DLP_Finance and DLP_PII. DLP_Finance is based on a
template named Financial Data – U.S. DLP_PII is based on a template named PII (U.S.).
A mailbox database named UM that hosts only Unified Messaging (UM)-enabled mailboxes and is
replicated between the Mailbox servers in the Tampa office only.
A database availability group (DAG) named DAG1 that contains EX2, EX3, EX5, and EX6. DAG1 is
configured to use DHCP to obtain an IP address.
A Send connector named Tampa SMTP that uses SMTP1 as a smart host. The cost of the Tampa SMTP
connector is 10.
Mailbox servers in the Tampa office that provide outbound SMTP services to the Internet.
A UM dial plan named UM1.
An SMTP relay device named SMTP2 in the Charlotte office.
An SMTP relay device named SMTP1 in the Tampa office.
No client access services are published to the Internet.
Requirements
Exchange Server Issues
The current Exchange Server environment has the following issues:
Due to power failures, the Exchange servers unexpectedly fail, causing databases to fail over. During the
database failovers, the preferred database is not activated, causing an unexpected distribution of active
databases.
An IRM template named No Print or Screenshot is deployed, but the template fails to prevent users from
taking screenshots of email messages.
Technical Requirements
You identify the following technical requirements:
Assign a static IP address to DAG1.
Block all personally identifiable information (PII) data and financial data without exception.
Prevent the forwarding of email messages sent by users who have a value of Legal in their Department
field.
Ensure that the members of a group named HR1 can search all of the mailboxes for sensitive email content.
Use Information Rights Management (IRM) to protect all of the voice mails left for the telephone number of
the human resource (HR) department.
Implement an archiving policy that moves all of the email messages from the mailbox folders to an Archive
mailbox after 30 days and permanently deletes all of the email messages after 365 days.

###EndCaseStudy###

DRAG DROP
The security department implements a new firewall between the IP-PBX system and the servers in the Tampa
office.
You discover that SIP sessions cannot be established between the IP-PBX and EX1.
You need to identify which ports must be opened between the IP-PBX and the Exchange Server 2013 servers.
Which ports should you identify?
To answer, drag the appropriate port or ports to the correct group of servers in the answer area. Each port or
ports may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between
panes or scroll to view content.
Select and Place:

###BeginCaseStudy###

Testlet 1
Overview
General Overview
Fabrikam, Inc., is a plastics manufacturer.
Fabrikam has an Exchange Server organization that contains only servers that have Exchange Server 2013
installed.
Physical Locations
Fabrikam has two main offices. The main offices are located in Tampa and Charlotte. The company has 8, 000
users in each office.
Existing Environment
Active Directory Environment
Fabrikam has an Active Directory forest that contains one domain named fabrikam.com. Each office is
configured as an Active Directory site.
The network contains four subnets. The subnets are configured as shown in the following table.

All of the traffic from Subnet1 is routable to Subnet3. All of the traffic from Subnet2 is routable to Subnet4.
All client computers are on Subnet1 and Subnet3 only. Subnet 192.168.1.0/24 and subnet 192.168.10.0/24 are
assigned as the MAPI network.
The network contains four domain controllers. The domain controllers are configured as shown in the following
table.

Network Infrastructure
The network contains the following components:
Two 10-gigabits per second WAN links that connect the Tampa office and the Charlotte office. The links
have a latency of less than 15 ms.
One IP-PBX that is located in the Tampa office. The IP-PBX can use only unencrypted communications.
An Internet connection in the Tampa office and an Internet connection the Charlotte office.
Exchange EnvironmentThe network contains six servers that have Exchange Server 2013 installed. The servers are configured as
shown in the following table.

The Exchange Server environment has the following configurations:
Two data loss prevention (DLP) policies named DLP_Finance and DLP_PII. DLP_Finance is based on a
template named Financial Data – U.S. DLP_PII is based on a template named PII (U.S.).
A mailbox database named UM that hosts only Unified Messaging (UM)-enabled mailboxes and is
replicated between the Mailbox servers in the Tampa office only.
A database availability group (DAG) named DAG1 that contains EX2, EX3, EX5, and EX6. DAG1 is
configured to use DHCP to obtain an IP address.
A Send connector named Tampa SMTP that uses SMTP1 as a smart host. The cost of the Tampa SMTP
connector is 10.
Mailbox servers in the Tampa office that provide outbound SMTP services to the Internet.
A UM dial plan named UM1.
An SMTP relay device named SMTP2 in the Charlotte office.
An SMTP relay device named SMTP1 in the Tampa office.
No client access services are published to the Internet.
Requirements
Exchange Server Issues
The current Exchange Server environment has the following issues:
Due to power failures, the Exchange servers unexpectedly fail, causing databases to fail over. During the
database failovers, the preferred database is not activated, causing an unexpected distribution of active
databases.
An IRM template named No Print or Screenshot is deployed, but the template fails to prevent users from
taking screenshots of email messages.
Technical Requirements
You identify the following technical requirements:
Assign a static IP address to DAG1.
Block all personally identifiable information (PII) data and financial data without exception.
Prevent the forwarding of email messages sent by users who have a value of Legal in their Department
field.
Ensure that the members of a group named HR1 can search all of the mailboxes for sensitive email content.
Use Information Rights Management (IRM) to protect all of the voice mails left for the telephone number of
the human resource (HR) department.
Implement an archiving policy that moves all of the email messages from the mailbox folders to an Archive
mailbox after 30 days and permanently deletes all of the email messages after 365 days.

###EndCaseStudy###

DRAG DROP
The security department implements a new firewall between the IP-PBX system and the servers in the Tampa
office.
You discover that SIP sessions cannot be established between the IP-PBX and EX1.
You need to identify which ports must be opened between the IP-PBX and the Exchange Server 2013 servers.
Which ports should you identify?
To answer, drag the appropriate port or ports to the correct group of servers in the answer area. Each port or
ports may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between
panes or scroll to view content.
Select and Place:

Answer:

Explanation:
You can configure the TCP port that’s used to listen for Session Initiation Protocol (SIP)
requests on a Unified Messaging (UM) IP gateway. By default, when you create a UM IP
gateway, the TCP SIP listening port number is set to 5060.
The Microsoft Exchange Unified Messaging service and the UM worker process use multiple Transmission
Control Protocol (TCP) and User Datagram Protocol (UDP) service ports to communicate with IP gateways.
The Microsoft Exchange Unified Messaging service and the UM worker process use Session Initiation Protocol
(SIP) over TCP.
By default, the Microsoft Exchange Unified Messaging service listens on both TCP port 5060 in Unsecured
mode and TCP port 5061 when mutual Transport Layer Security (mutual TLS) is used.
Each UM worker process that’s created listens on port 5065 and 5067 (unsecured) and 5066 and 5068
(secured).
But when an IP gateway or IP PBX sends Realtime Transport Protocol (RTP) traffic to the Speech Engine
service worker process, the IP gateway or IP PBX will use a valid UDP port that ranges from 1024 through
65535.

http://technet.microsoft.com/en-us/library/jj150516(v=exchg.150).aspx#ports

Show Hint

← Previous question

Next question →