###BeginCaseStudy###
Topic 3, Contoso Ltd,
Overview General Overview Contoso. Ltd. is an international company that has 3,000 employees.
The company has sales, marketing, research, and human resource departments.
Physical Locations
Contoso has two main offices. The offices are located in New York and Chicago. Each moffice has a data center.
The New York office uses a network subnet of 10.1.0.0/16. The Chicago office uses a mnetwork subnet of
10.128.0.0/16.
The offices connect to each other by using a WAN link. Each office connects directly to the Internet.
Existing Environment
Active Directory The network contains an Active Directory forest named contoso.com. The forest mcontains a
single domain. All domain controllers run Windows Server 2012 R2. The forest mfunctional level is Windows
Server 2012 R2.
The forest contains six domain controllers configured as shown in the following table.
The forest is configured as a single Active Directory site.
Active Directory administrators manage the Active Directory schema. Exchange Server madministrators do not
have access to modify the schema.
Contoso has deployed Active Directory Rights Management Services (AD RMS).
Current Business Model
Contoso partners with a company names Fabrikam. Inc. on manufacturing initiatives. The partnership between
Contoso and Fabrikam requires that both companies share confidentialm information frequently.
Requirements
Business Goals
Contoso plans to install Exchange Server 2016 to provide messaging services for its users.
It must be as easy as possible for the users at Contoso to share free/busy information with mthe users at
Fabrikam.
As much as possible Contoso plans to minimize the costs associated with purchasing hardware and software.
Planned Changes
Contoso plans to implement the following changes before installing Exchange Server 2016:
Install hardware Network Load Balancing (NLB) in the New York and Chicago offices.
Implement Microsoft Office Online Servers in the New York and Chicago offices.
Provide Contoso users with company-approved tablets.
Planned Messaging Infrastructure
You plan to create an Exchange Server 2016 organization named Contoso. You plan to deploy seven servers
that will have Exchange Server 2016 installed. The servers will be configured as mshown in the following table.
All of the servers will be members of a database availability group (DAG) named DAG01.
Client Access Requirements
Contoso identifies the following client access requirements for the planned deployment:
Users must be able to configure their tablet to synchronize email by using Autodiscover.
Users must be able to access the Exchange Server organization by using the following names:
Mail.contoso.com
Autodiscover.contoso.com
Users must be able to access Outlook on the web internally and externally from their tablet.
Users must be able to access Office Online Server by using the URL of office-online.contoso.com.
Security Requirements
Contoso identifies the following security requirements for the planned deployment:
Exchange Server mailbox databases must be encrypted while at rest.
Users must be prevented from using Outlook on the web while they are offline.
Contoso users must be able to share Calendar details with approved external domains only.
Email messages sent to the users in the fabrikam.com SMTP domain must be encrypted automatically.
Whenever possible, client computers must be directed to the same Exchange server for log collection.
Users must be able to access their mailbox by using Exchange ActiveSync on the company approved tablets
only.
Email messages sent from the users in the human resources department of Contoso must be protected by
using AD RMS. regardless of the mail client.
Availability Requirements
Contoso identifies the following high-availability requirements for the planned deployment:
Servers must be able to complete a restart without administrative intervention.
The network load balancer must be able to probe the health of each workload.
If a data center fails, the databases in the other data center must be activated automatically.
Redundant copies of all email messages must exist in the transport pipeline before and after mdelivery.
Email messages must be made highly available by the Exchange Server organization before and after delivery.
If you manually mount the databases following the data center failure, the databases in the failed site must be
prevented from mounting automatically.
###EndCaseStudy###
DRAG DROP
You need to configure the Exchange Server organization to support the security requirements for Calendar
sharing.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.
Incorrect…
1- fed
2- org
3- edit …
https://support.microsoft.com/en-us/kb/975341
That’s correct Alman!
https://technet.microsoft.com/en-us/library/jj657483(v=exchg.150).aspx
Copy information from your link here
Step 1: Create and configure a federation trust
A federation trust establishes a trust relationship between an Exchange 2013 organization and the Azure Active Directory authentication system and is a requirement for federated sharing.
For detailed instructions, see Configure a federation trust.
Step 2: Create an organization relationship
An organization relationship enables users in your Exchange organization to share calendar free/busy information as part of federated sharing with other federated Exchange organizations. Federated sharing can be configured between two federated Exchange 2013 organizations or between a federated Exchange 2013 organization and federated Exchange 2010 organizations.
For detailed instructions, see Create an organization relationship.
Step 3: Create a sharing policy
Sharing policies enable user-established, people-to-people sharing of calendar information with different types of external users. They support the sharing of calendar and contact information with external federated organizations, external non-federated organizations, and individuals with Internet access. If you don’t need to configure people-to-people or contact sharing (organization-level sharing only), you don’t need to configure a sharing policy.
For detailed instructions, see Create a sharing policy.
Step 4: Configure an Autodiscover public DNS record
You need to add an alias canonical name (CNAME) resource record to your public-facing DNS. The new CNAME record should point to an Internet-facing Exchange 2013 Client Access server that’s running the Autodiscover service.
For detailed instructions about how to add CNAME records, see the host service for your public DNS records. Typically this is an Internet-based service that may also host your domain website.
I think Organization relationship (with fabrikam) produce automatically free/busy information exchange, but we might need new sharing policy to share calendar details. So this would be:
1. Create a federation trust
2. Create an organization relationship
3. Create a new sharing policy
Alman is right on this one. There is a default sharing policy that shares with ALL domains by default. Creating a new policy to share with a specific domain won’t do much, if there’s another policy that shares with all domains.
Mahoney, I think you are right.
https://technet.microsoft.com/en-us/library/jj657483%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396. This is for 2013 but it doesn’t appear to have changed for 2016.
You can do both: create a new sharing policy or edit the default one:
https://technet.microsoft.com/en-us/library/jj853046(v=exchg.150).aspx
I’m agree with the answer
1- fed
2- org
3- edit (I think we have to modify the default policy to set the default “sharing with all domains” rule in th e default policy)
When you modify default sharing policy it is impact on users on your organization.
Contoso users must be able to share Calendar details with approved external domains only
What are you talking about?? Even if you leave the default policy as is, the policy is still applied to all users anyway. The default sharing policy will share calendar info with ALL domains by default. The point is to edit it so that you share with a specific domain instead.
New 70-345 Exam Questions and Answers (12/May/2017 Updated ):
NEW QUESTION 1
You have a hybrid Exchange Server 2016 organization. Some of the mailboxes in the research department are hosted on-premises. Other mailboxes in the research department are stored in Microsoft Office 365. You need to search the mailboxes in the research department for email messages that contain a specific keyword in the message body. What should you do?
A. From the Exchange Online Exchange admin center, search the delivery reports.
B. Form the on-premises Exchange Center, search the delivery reports.
C. From the Exchange Online Exchange admin center, create a new In-Place eDiscovery & Hold.
D. From the Office 365 Compliance Center, create a new Compliance Search.
E. From the on-premises Exchange admin center, create a new In-Place eDiscovery & Hold.
Answer: E
NEW QUESTION 2
You have an Exchange Server 2016 organization. Some users access their mailbox by using an Android or an iOS device. You need to prevent the users from using OWA for Devices to access their mailbox. Which cmdlet should you use?
A. Set-CASMailbox
B. Set-MobileMailboxPolicy
C. Set-OWAVirtualDirectory
D. Set-OWAMailboxPolicy
Answer: A
NEW QUESTION 3
Your company has an Exchange Server 2016 organization. The organization contains 2,000 mailboxes and five Mailbox servers, including one server named EX1. Five hundred users retrieve email from their mailboxes by using an IMAP4 client application from the Internet. The users also connect to EX1 to send email messages. All of the email messages are secured by using TLS. An administrator recently replaced the company’s firewall. Users now report that they fail to send email messages from the IMAP4 client application. You verify that the users can retrieve email messages form their mailbox successfully. You need to recommend which TCP port must be allowed so that the users can send email messages from the IMAP4 application successfully. Which TCP port should you recommend?
A. 443
B. 587
C. 993
D. 995
Answer: C
NEW QUESTION 4
……
NEW QUESTION 5
You have an Exchange Server 2016 organization. The organization contains a mailbox database named DB1. DB1 is stored on a volume named Volume1. You plan to use Exchange Native Data protection. You need to recommend a solution to prevent Volume1 from running out of space for transaction logs. What should you recommend?
A. an event history retention period
B. background database maintenance
C. circular logging
D. a size limit of the log directory for the managed folders
Answer: C
NEW QUESTION 6
You have an exchange Server 2016 organization that uses an SMTP domain named contoso.com. You need to encrypt all of the SMTP traffic from the organization to a partner organization. The partner organization uses an SMTP domain named litwareinc.com. Which three commands should you run on your server? Each correct answer presents part of the solution.
A. New-ReceiveConnector-Name “Connector1”-Usage Internet- Bindings 0.0.0.0:587- DomainSecureEnabled: $true
B. Set-TransportConfig-TLSSendDomainSecureList litwareinc.com
C. New-SendConnector-Usage Partner-Name “Connector1” -AddressSpaces “lintwareinc.com” -IgnoreSTARTTLS $false-DNSRoutingEnabled $true -DomainSecureEnabled $true
D. Set-TransportConfig- TLSReceiveDomainSecureList contoso.com
E. Set-TransportConfig-TLSReceiveDomainSecureList litwareinc.com
F. New-SendConnector- Usage Partner -Name “Connector1” -AddressSpaces “contoso.com” -IgnoreSTARTTLS $false-DNSRoutingEnabled $ture -DomainSecureEnabled $true
G. Set-TransportConfig-TLSSendDomainSecureList contoso.com
Answer: CEG
NEW QUESTION 7
You have an Exchange Server 2016 organization. The organization contains an Edge transport server. Users report that a message with the following anti-spam headers is delivered to their Inbox folder in Microsoft Outlook:
X-MS-Exchange-Organization-PCL: 7
X-MS-Exchange-Organization-SCL: 6
X-MS-Exchange-Organization-Antispam-Report: DV:3.1.3924.1409;SID:SenderIDStatus Fail;PCL:PhishingLevel SUSPICIOUS;CW:CustomList;PP:Presolved;TIME:TimeBasedFeatures
You need to prevent similar messages from being delivered. The solution must generate a non-delivery report (NDR) when the messages are prevented from being delivered to all user mailboxes. What should you do?
A. Set the SCL reject threshold to 7.
B. Run the Set-SenderIdConfig cmdlet.
C. Set the SCL delete threshold to 7.
D. Run the Set-TransportConfig cmdlet.
Answer: A
NEW QUESTION 8
You have an Exchange Server 2016 organization. The organization contains one Edge Transport server. A user reports that certain email messages expected from a specific recipient were never received. You need to search for messages that were blocked by the Edge Transport because they contain attachment types that are blocked by the organization. In which folder should you search?
A. QueueViewer
B. AgentLog
C. Connectivity
D. Routing
E. ProtocolLog
Answer: E
NEW QUESTION 9
You have an Exchange Server 2016 organization. Users store sales information in public folders. You need to create a public folder that can receive email from external users. Which three commands should you use? Each correct answer presents part of the solution.
A. Add-MailboxPermission
B. Add-PublicFolderClientPermission
C. Update-PublicFolderMailbox
D. Enable-MailPublicFolder
E. Add-RecipientPermission
F. New-PublicFolder
G. New-Mailbox
Answer: BDF
NEW QUESTION 10
……
P.S. You Can Get The Newest 70-345 Dumps In PDF And VCE From — http://www.passleader.com/70-345.html (104q VCE and PDF)
Good Luck!
BTW, part of the new 104Q 70-345 dumps FYI:
https://drive.google.com/open?id=0B-ob6L_QjGLpck5vRk5XUVFQb00
Best Regards!
Completed the 70-345 exam yesterday with a good score of 82X!!!
Got 40 questions with 2 Case Studies:
1. Fabrikam, Inc. (Few new questions appeared in this Case Study!!!)
2. Relecloud
I had many questions about the database availability group (DAG), learning it deeply.
And, many questions about Azure, DNS, Exchange 2016 Server Deployment (AD FS setup), site links and WAN setup between offices……etc.
Also, I came across around 10-15 new questions that not available here.
One new question about IMAP4 over SSL (IMAPS) — port 993.
New question on setting auditlog for create new mailbox.
Questions on this site MAY not enough for passing, SOME NEW QUESTIONS ARE NOT AVAILABLE HERE!
I do recommend you to learn the NEWEST & VALID PassLeader 70-345 dumps here:
https://drive.google.com/open?id=0B-ob6L_QjGLpck5vRk5XUVFQb00
(IT IS THE NEWEST VERSION!!!)
Good Luck!!!