You need to identify which user sent the message

You deploy Office 365. All the members of a team named Sales have full access to a shared mailbox named
Sales. You enable auditing for all shared mailboxes. From the Sales mailbox, an email message that contains
inappropriate content is sent. You need to identify which user sent the message. What should you do?

You deploy Office 365. All the members of a team named Sales have full access to a shared mailbox named
Sales. You enable auditing for all shared mailboxes. From the Sales mailbox, an email message that contains
inappropriate content is sent. You need to identify which user sent the message. What should you do?

A.
From the Exchange Control Panel, run an administrator role group report.

B.
From Windows PowerShell, run the Get-SharingPolicy cmdlet.

C.
From Windows PowerShell, run the Write-AdminAuditLog cmdlet.

D.
From Windows PowerShell, run the New-MailboxAuditLogSearch cmdlet.

Explanation:
The cmdlet New-MailboxAuditLogSearch is used to search in auditlogs.
Incorrect Answers:
B: The Get-SharingPolicy cmdlet allows you to view the settings of sharing policies. Sharing policies allow for
user-established, people-to-people sharing of calendar information with different types of external users. To
identify which user sent the message, you should view the sharing policies to reveal the relevant mailbox.
https://technet.microsoft.com/en-us/library/ff522362(v=exchg.150).aspx



Leave a Reply 1

Your email address will not be published. Required fields are marked *