You have a server named Server1 that has Exchange Server 2013 installed.
Users access their mailbox by using Microsoft Outlook 2010 and Outlook Web App.
You enable auditing for all of the mailboxes.
You need to identify when a mailbox is accessed by someone other than the owner of the mailbox.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose
two.)
A.
Export the administrator audit log.
B.
Run an administrator role group report.
C.
Export the mailbox audit log.
D.
Run a non-owner mailbox access report.
E.
Review the security event log.
Explanation:
C: Use the Auditing tab to run reports or export entries from the mailbox audit log and the administrator audit
log.
/ The mailbox audit log records whenever a mailbox is accessed by someone other than the person who owns
the mailbox. This can help you determine who has accessed a mailbox and what they have done.
/ The administrator audit log records any action, based on a Windows PowerShell cmdlet, performed by an
administrator. This can help you troubleshoot configuration issues or identify the cause of security- or
compliance-related problems.
D: Run a Non-Owner Mailbox Access Report
Use this report to find mailboxes that have been accessed by someone other than the person who owns the
mailbox.