What should you identify?

Your company plans to deploy Exchange Server 2010 Service Pack 1 (SP1). The company’s security
policy has the following requirements:
• Users who access the Exchange organization from the Internet must use a smart card or an X.509
certificate for authentication.
• All access to the Exchange organization from the Internet must pass through Microsoft Forefront
Threat Management Gateway (TMG).
You need to identify which client connection methods can be implemented based on the security
policy. What should you identify? (Choose all that apply.)

Your company plans to deploy Exchange Server 2010 Service Pack 1 (SP1). The company’s security
policy has the following requirements:
• Users who access the Exchange organization from the Internet must use a smart card or an X.509
certificate for authentication.
• All access to the Exchange organization from the Internet must pass through Microsoft Forefront
Threat Management Gateway (TMG).
You need to identify which client connection methods can be implemented based on the security
policy. What should you identify? (Choose all that apply.)

A.
Outlook Web App

B.
POP3

C.
IMAP4

D.
Exchange ActiveSync

E.
the Exchange Control Panel (ECP)

Explanation:
The Exchange Control Panel is a Web application that runs on a Client Access Server providing
services for the Exchange organization. This Exchange Control Panel is installed automatically when
you install a Client Access server. To manage Exchange from just about anywhere, you simply need
to enter the URL path for the application in your browser’s Address field. You can then access the
Exchange Control Panel. By default, the Exchange Control Panel URL is
https://yourserver.yourdomain.com/ecp.
The Client Access server to which you connect processes your remote actions via the ECP application
running on the default Web site. The physical directory for this application is
%ExchangeInstallPath%\ClientAccess \Ecp. And it runs in the context of an application pool named
MSExchangeECPAppPool. In the % ExchangeInstallPath%\ClientAccess\Ecp directory on your server,
you’ll find a web.config file that defines the settings for the ECP application.
When you install an Exchange server, the setup process creates a self-signed Security certificate.
Because this default certificate is not issued by a trusted authority, you will see a related error
message when you use HTTPS to access services hosted by your Client Access servers. By default,
Client Access servers are configured to use Secure HTTP (HTTPS) for Outlook Web App. When you
install Exchange Server 2010, a self-signed security certificate is automatically issued for the Client
Access server. Since this default certificate is not issued by a trusted certificate authority, users will
see a warning when they access OWA stating that there is a problem with the Web site’s security
certificate.

At the warning prompt, the user simply needs to click the Continue To This Website link to access
the Outlook Web App. Of course, this warning can be disconcerting to the user and have users click
to continue anyway sets a bad precedent, training users to ignore online security warnings.
The user will see this warning continuously until you install a certificate from a trusted source on the
server.
X 509 Certificate What are colloquially known as SSL certificates should be referred to as X.509
certificates. The term SSL certificate became common due to the adoption of the X.509 (one of the
ITU X.500 Directory standards) certificate format by Netscape when it designed the original versions
of the SSL protocol, eons ago, when the world was still young and the Internet was a friendly place.
The term ‘SSL certificate’ persisted simply because given the choice of saying SSL certificate or ‘X.509
certificate’ which would you choose?
http://www.zytrax.com/tech/survival/ssl.html#x509-overview



Leave a Reply 0

Your email address will not be published. Required fields are marked *