You have a server named Server1 that has Exchange Server 2013 installed.
Users access their mailbox by using Microsoft Outlook 2010 and Outlook Web App.
You enable auditing for all of the mailboxes.
You need to identify when a mailbox is accessed by someone other than the owner of the mailbox.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution.
Choose two.)
A.
Export the administrator audit log.
B.
Run an administrator role group report.
C.
Export the mailbox audit log.
D.
Run a non-owner mailbox access report.
E.
Review the security event log.
Explanation:
C: Use the Auditing tab to run reports or export entries from the mailbox audit log and the
administrator audit log.
/ The mailbox audit log records whenever a mailbox is accessed by someone other than the person
who owns the mailbox. This can help you determine who has accessed a mailbox and what they
have done.
/ The administrator audit log records any action, based on a Windows PowerShell cmdlet, performed
by an administrator. This can help you troubleshoot configuration issues or identify the cause of
security- or compliance-related problems.
D: Run a Non-Owner Mailbox Access Report
Use this report to find mailboxes that have been accessed by someone other than the person who
owns the mailbox.