How should you configure the policy rule?

###BeginCaseStudy###
Topic 1, Fabrikam inc.
Overview
Fabrikam. Inc. is an international manufacturing company that has 5,000 employees. The company has sales,
marketing research and human resources departments. Fabrikam has two main offices and three branch
offices. The main offices are located in New York and London. The branch offices are located in Seattle,
Montreal, and Paris. The offices connect to each other by using a WAN link. Each office connects directly to the
Internet. The WAN connections from the main offices to the branch offices are reliable.
Existing Environment
Exchange Environment
The Exchange Server organization contains servers that have either Exchange Server 2010 or Exchange Server
2013 installed. Each main office contains two Exchange Server 2013 servers. Each branch office contains one
Exchange Server 2010 server.
MX records are configured to deliver email to the offices in New York and London. Email is delivered to the
London office only if the New York office is unavailable.
Each office is configured to use a separate namespace for client access. The New York office is configured to
use a namespace of mail.fabrikam.com.
The servers in the New York and London offices are members of a database availability group (DAG).
Each mailbox database in the New York and London offices has three copies.
The technical support staff in the branch offices have administrative access to the existing Exchange servers
and are assigned Organization Management permissions.
Users from the sales department frequently send email messages that contain the Social Security number of
customers in the United States.
Problem Statements
Fabrikam identifies the following issues on the network:
 Users in the Paris office report that when launching Microsoft Outlook, they receive a security alert
indicating a certificate name mismatch. The security alert is not generated when they connect to Outlook
Web Access. Users from the other offices do not report receiving the security alert.
 Network administrators report that the mailbox databases in the New York office sometimes activate on
the Exchange servers in the London office, resulting in poor performance for the New York office users.
Planned Changes
Fabrikam plans to implement the following changes to the network:
 Upgrade the organization to Exchange Server 2016 during the next six months.
 Enable online document viewing and editing from Outlook on the web.
High Availability Requirements
Fabrikam identifies the following high-availability requirements for the planned deployment:
 Mailbox databases that contain mailboxes for the New York office users must only be activated on the
servers in the London office manually.
 All client access connections to the London and New York offices must use load-balanced namespaces.
The load balancing mechanism must perform health checks.
Security and compliance requirements
Fabrikam identifies the following security and compliance requirements:
 After the planned upgrade, the maximum mailbox size must be 5 GB.
 Administrators from the branch offices must be able to view the mailbox properties and reset the
passwords of the users, but must be prevented from changing the mailbox database configurations.
 Users who are involved in legal disputes with customers must be prevented from permanently deleting
email messages pertaining to the dispute. The users must be able to delete all other messages
permanently.
 If a user enters a Social Security number in an email message addressed to an external recipient, the user
must receive a notification before sending the message If the user sends the message. The message must
not be delivered. A compliance officer must be notified of the violation.
Connectivity requirements
Fabrikam identifies the following connectivity requirements:
 Connections for inbound and outbound email must be initiated and terminated from an Edge Transport
server in the perimeter network.
 All external client connections from the branch office users must be proxied from the New York office to
the branch offices.
 The number of namespaces used for client access must be minimized.

###EndCaseStudy###

HOTSPOT
You need to configure a data loss prevention (DLP) policy to meet the compliance and security requirements.
How should you configure the policy rule? To answer, select the appropriate options in the answer
area.

###BeginCaseStudy###
Topic 1, Fabrikam inc.
Overview
Fabrikam. Inc. is an international manufacturing company that has 5,000 employees. The company has sales,
marketing research and human resources departments. Fabrikam has two main offices and three branch
offices. The main offices are located in New York and London. The branch offices are located in Seattle,
Montreal, and Paris. The offices connect to each other by using a WAN link. Each office connects directly to the
Internet. The WAN connections from the main offices to the branch offices are reliable.
Existing Environment
Exchange Environment
The Exchange Server organization contains servers that have either Exchange Server 2010 or Exchange Server
2013 installed. Each main office contains two Exchange Server 2013 servers. Each branch office contains one
Exchange Server 2010 server.
MX records are configured to deliver email to the offices in New York and London. Email is delivered to the
London office only if the New York office is unavailable.
Each office is configured to use a separate namespace for client access. The New York office is configured to
use a namespace of mail.fabrikam.com.
The servers in the New York and London offices are members of a database availability group (DAG).
Each mailbox database in the New York and London offices has three copies.
The technical support staff in the branch offices have administrative access to the existing Exchange servers
and are assigned Organization Management permissions.
Users from the sales department frequently send email messages that contain the Social Security number of
customers in the United States.
Problem Statements
Fabrikam identifies the following issues on the network:
 Users in the Paris office report that when launching Microsoft Outlook, they receive a security alert
indicating a certificate name mismatch. The security alert is not generated when they connect to Outlook
Web Access. Users from the other offices do not report receiving the security alert.
 Network administrators report that the mailbox databases in the New York office sometimes activate on
the Exchange servers in the London office, resulting in poor performance for the New York office users.
Planned Changes
Fabrikam plans to implement the following changes to the network:
 Upgrade the organization to Exchange Server 2016 during the next six months.
 Enable online document viewing and editing from Outlook on the web.
High Availability Requirements
Fabrikam identifies the following high-availability requirements for the planned deployment:
 Mailbox databases that contain mailboxes for the New York office users must only be activated on the
servers in the London office manually.
 All client access connections to the London and New York offices must use load-balanced namespaces.
The load balancing mechanism must perform health checks.
Security and compliance requirements
Fabrikam identifies the following security and compliance requirements:
 After the planned upgrade, the maximum mailbox size must be 5 GB.
 Administrators from the branch offices must be able to view the mailbox properties and reset the
passwords of the users, but must be prevented from changing the mailbox database configurations.
 Users who are involved in legal disputes with customers must be prevented from permanently deleting
email messages pertaining to the dispute. The users must be able to delete all other messages
permanently.
 If a user enters a Social Security number in an email message addressed to an external recipient, the user
must receive a notification before sending the message If the user sends the message. The message must
not be delivered. A compliance officer must be notified of the violation.
Connectivity requirements
Fabrikam identifies the following connectivity requirements:
 Connections for inbound and outbound email must be initiated and terminated from an Edge Transport
server in the perimeter network.
 All external client connections from the branch office users must be proxied from the New York office to
the branch offices.
 The number of namespaces used for client access must be minimized.

###EndCaseStudy###

HOTSPOT
You need to configure a data loss prevention (DLP) policy to meet the compliance and security requirements.
How should you configure the policy rule? To answer, select the appropriate options in the answer
area.

Answer:



Leave a Reply 11

Your email address will not be published. Required fields are marked *


Marco

Marco

If a user enters a Social Security number in an email message addressed to an external recipient, the user must receive a notification before sending the message if the user sends the message. The message must not be delivered. A compliance officer must be notified of the violation.

Do the following:

Notify the sender by using a policy tip and block the message.
https://technet.microsoft.com/en-us/library/jj619307(v=exchg.150).aspx

Because you need to choose “notify the sender by …”, the other answer should be given in the first respond rule. A compliance officer must be notified of the violation.
Answer: Generate an incident report and send the report to (email address).

Alman

Alman

I agree with you Marco

Lacey

Lacey

I agree too, but the wrong answer is posted all over the internet.

chris1812

chris1812

I agree Marco too.

Niels

Niels

Thanks Marco
I doubted a bit but after reading the options again it is indeed
-generate incident report and send…
-notify the sender (cause it needs to be a mailtip before user sends)

tmkreddy55

tmkreddy55

Yes Agreed with Marco. Policy tip with an incident report will serve the purpose.

Shaun Farrand

Shaun Farrand

(12/May/2017 Updated) New 70-345 Exam Questions:

NEW QUESTION 1
You have a hybrid Exchange Server 2016 organization. Some of the mailboxes in the research department are hosted on-premises. Other mailboxes in the research department are stored in Microsoft Office 365. You need to search the mailboxes in the research department for email messages that contain a specific keyword in the message body. What should you do?

A. From the Exchange Online Exchange admin center, search the delivery reports.
B. Form the on-premises Exchange Center, search the delivery reports.
C. From the Exchange Online Exchange admin center, create a new In-Place eDiscovery & Hold.
D. From the Office 365 Compliance Center, create a new Compliance Search.
E. From the on-premises Exchange admin center, create a new In-Place eDiscovery & Hold.

Answer: E

NEW QUESTION 2
You have an Exchange Server 2016 organization. Some users access their mailbox by using an Android or an iOS device. You need to prevent the users from using OWA for Devices to access their mailbox. Which cmdlet should you use?

A. Set-CASMailbox
B. Set-MobileMailboxPolicy
C. Set-OWAVirtualDirectory
D. Set-OWAMailboxPolicy

Answer: A

NEW QUESTION 3
Your company has an Exchange Server 2016 organization. The organization contains 2,000 mailboxes and five Mailbox servers, including one server named EX1. Five hundred users retrieve email from their mailboxes by using an IMAP4 client application from the Internet. The users also connect to EX1 to send email messages. All of the email messages are secured by using TLS. An administrator recently replaced the company’s firewall. Users now report that they fail to send email messages from the IMAP4 client application. You verify that the users can retrieve email messages form their mailbox successfully. You need to recommend which TCP port must be allowed so that the users can send email messages from the IMAP4 application successfully. Which TCP port should you recommend?

A. 443
B. 587
C. 993
D. 995

Answer: C

NEW QUESTION 4
……

NEW QUESTION 5
You have an Exchange Server 2016 organization. The organization contains a mailbox database named DB1. DB1 is stored on a volume named Volume1. You plan to use Exchange Native Data protection. You need to recommend a solution to prevent Volume1 from running out of space for transaction logs. What should you recommend?

A. an event history retention period
B. background database maintenance
C. circular logging
D. a size limit of the log directory for the managed folders

Answer: C

NEW QUESTION 6
You have an exchange Server 2016 organization that uses an SMTP domain named contoso.com. You need to encrypt all of the SMTP traffic from the organization to a partner organization. The partner organization uses an SMTP domain named litwareinc.com. Which three commands should you run on your server? Each correct answer presents part of the solution.

A. New-ReceiveConnector-Name “Connector1”-Usage Internet- Bindings 0.0.0.0:587- DomainSecureEnabled: $true
B. Set-TransportConfig-TLSSendDomainSecureList litwareinc.com
C. New-SendConnector-Usage Partner-Name “Connector1” -AddressSpaces “lintwareinc.com” -IgnoreSTARTTLS $false-DNSRoutingEnabled $true -DomainSecureEnabled $true
D. Set-TransportConfig- TLSReceiveDomainSecureList contoso.com
E. Set-TransportConfig-TLSReceiveDomainSecureList litwareinc.com
F. New-SendConnector- Usage Partner -Name “Connector1” -AddressSpaces “contoso.com” -IgnoreSTARTTLS $false-DNSRoutingEnabled $ture -DomainSecureEnabled $true
G. Set-TransportConfig-TLSSendDomainSecureList contoso.com

Answer: CEG

NEW QUESTION 7
You have an Exchange Server 2016 organization. The organization contains an Edge transport server. Users report that a message with the following anti-spam headers is delivered to their Inbox folder in Microsoft Outlook:
X-MS-Exchange-Organization-PCL: 7
X-MS-Exchange-Organization-SCL: 6
X-MS-Exchange-Organization-Antispam-Report: DV:3.1.3924.1409;SID:SenderIDStatus Fail;PCL:PhishingLevel SUSPICIOUS;CW:CustomList;PP:Presolved;TIME:TimeBasedFeatures
You need to prevent similar messages from being delivered. The solution must generate a non-delivery report (NDR) when the messages are prevented from being delivered to all user mailboxes. What should you do?

A. Set the SCL reject threshold to 7.
B. Run the Set-SenderIdConfig cmdlet.
C. Set the SCL delete threshold to 7.
D. Run the Set-TransportConfig cmdlet.

Answer: A

NEW QUESTION 8
You have an Exchange Server 2016 organization. The organization contains one Edge Transport server. A user reports that certain email messages expected from a specific recipient were never received. You need to search for messages that were blocked by the Edge Transport because they contain attachment types that are blocked by the organization. In which folder should you search?

A. QueueViewer
B. AgentLog
C. Connectivity
D. Routing
E. ProtocolLog

Answer: E

NEW QUESTION 9
You have an Exchange Server 2016 organization. Users store sales information in public folders. You need to create a public folder that can receive email from external users. Which three commands should you use? Each correct answer presents part of the solution.

A. Add-MailboxPermission
B. Add-PublicFolderClientPermission
C. Update-PublicFolderMailbox
D. Enable-MailPublicFolder
E. Add-RecipientPermission
F. New-PublicFolder
G. New-Mailbox

Answer: BDF

NEW QUESTION 10
……

BTW, Get The Newest 70-345 Dumps In PDF And VCE From — http://www.passleader.com/70-345.html (104q VCE and PDF)

Good Luck!

dskyo

dskyo

First, you’ll want to configure the DLP scope – in our case, we want to process emails that are sent to external recipients and contain sensitive information.
Then, we want to generate an incident report and send it to an email address for review, this report will include the original email as an attachment.
After the incident report was generated, we want to display a policy tip to the user, something like “This message contains sensitive information that the recipient is not allowed to receive.”
If the user decides to send it anyway, we want to block it. Therefore the last option is “Display a policy tip and block the message”.

As a side note, I believe this option makes the send button unavailable, so the user will only see the policy tip and will not be able to send the email at all. I remember reading something about this but did not test it in my lab yet, so I may be wrong, but the basic idea still stands. The given answer is not correct.

Charles

Charles

Congratulations!!!

Finally PASSED the 70-345 exam yesterday with a good score of 82X!!!

I got 40 questions, including 2 Case Studies:
1. Fabrikam, Inc. (Few new questions appeared in this Case Study!!!)
2. Relecloud

I had many questions about the database availability group (DAG), please learning it deeply.

And, lots of questions about Azure, DNS, Exchange 2016 Server Deployment (AD FS setup), site links and WAN setup between offices……etc.

Also, I came across around 10-15 new questions that not available here.

One new question about IMAP4 over SSL (IMAPS) — port 993.

New question on setting auditlog for create new mailbox.

Questions on this site MAY not enough for passing, SOME NEW QUESTIONS ARE NOT AVAILABLE HERE!

I do recommend you to learn the NEWEST & VALID PassLeader 70-345 dumps here:

https://drive.google.com/open?id=0B-ob6L_QjGLpck5vRk5XUVFQb00

(IT IS THE NEWEST VERSION!!!)

Good Luck!!!

yulinghua

yulinghua

Agree with All,correct answer as below:
1. The recipient is outside of the organization
2.The message contains sensitive information
3. Generate an incident report and send the report to
4.Notify the sender by a policy tip and block the message.

Have tested in my labs . it works.

if follow provided answer to configure the settings, you will receive the below errors:
An action to reject the message was specified, but there is more than one action. When this action is used, it must be the only action in the rule