You have a server named Server1 that has Exchange Server 2013 installed.
Users access their mailbox by using Microsoft Outlook 2010 and Outlook Web App.
You need to identify when a mailbox is accessed by someone other than the owner of the mailbox.
Which two actions should you perform? Each correct answer presents part of the solution.
A.
Review the security event log.
B.
Enable audit logging for all mailboxes.
C.
Export the administrator audit log.
D.
Run an administrator role group report.
E.
Run a non-owner mailbox access report.
Explanation:
You have to enable mailbox audit logging for each mailbox that you want to run a non-owner mailbox access
report.
The Non-Owner Mailbox Access Report in the Exchange Administration Center (EAC) lists the mailboxes that
have been accessed by someone other than the person who owns the mailbox. When a mailbox is accessed
by a non-owner, Microsoft Exchange logs information about this action in a mailbox audit log that’s stored as an
email message in a hidden folder in the mailbox being audited. Entries from this log are displayed as search
results and include a list of mailboxes accessed by a non-owner, who accessed the mailbox and when, the
actions performed by the non-owner, and whether the action was successful.
Run a non-owner mailbox access report
https://technet.microsoft.com/en-us/library/jj150575(v=exchg.150).aspx