English Русский Contacts Site map Add to favorites
Profile
Registration
Login
Braindumps
Master braindump list
New braindumps
Submit a dump
Get latest dump
Forums
braindumps.com.ua
flame
Vendor
3COM (7)
Adobe (1)
BEA (1)
Checkpoint (22)
Cisco (20)
Citrix (17)
CIW (15)
Compaq (0)
CompTIA (51)
CWNA (2)
EMC (2)
Exin (4)
GEJOS (4)
HDI (1)
HP (4)
IBM (13)
Juniper (1)
Linux Prof Institute (LPI) (2)
Lotus (11)
Microsoft (2461)
Network Appliance (2)
Novell (16)
Oracle (412)
PLSQL (1)
PMI (4)
SAS (1)
Sun (87)
Teradata (4)
Authorization
Login:
Password:
RSS feed

Contacts
Certification links
Links
Authorized users can rate dumps.
Please log in or sign up.

  № 5239, Microsoft 70-284: Passed - with this dump.  03.09.2006 
  Rates: 0 

Basic Facts About Testking

TestKing Introductory Note:
At the moment, many argue about the necessity of certificates and every day its becoming more difficult to get these certificates, because they are permanently upgrading and being aware of the latest upgrades is essential nowadays. Therefore, the basic facts are quite simple - to get ready for these examinations and read carefully all the certification manuals, as well as study guide and the best possible resource concerning this cram is undoubtedly testking.

Essential Details About Testking Brain Dumps:
At test king our main goal is to give you the best braindumps and other examination materials that can get you prepared for your examinations the way no other resource can do. Our team consists of professionals and dedicated specialists, who in their turn are certification holders and know all the ins and outs of the certification game. And to be the best among competitors is the essential longing of Testking team, and it is proven by our continuous efforts - the number of students who have not only succeeded in their exams, but at present are at the top of their professional fields speaks the truth.

Getting Prepared for Your Exam With Testking:
At testking we provide you with all existing materials and manuals, study guides necessary for your certification cram session. These include study guides, braindumps, practical examination materials that will show you the right direction and system on how to prepare. The braindumps we have prepared for you will help you succeed in your cram session and achieve the certification you want the most.

Why Choose Testking:
A great number of online and offline services is available at the moment on the certification market that prepare people for certifications. Among them are such online services as transcender, certmag and many more alike. However, Testking is the only existing service that covers all existing vendors in a unique and adequate manner, summarizing all the essential data. At Testking we give you an exclusive opportunity to get prepared for your examination having a wide range of braindumps, manuals and guidelines that will ultimately help you reach the essential goal of certification. We righteously claim that no other service provides such a detailed cram session exam guidelines, and that is only a small part of valuable information Testking gives you to get good and ready for your exams.




All questions same as dump.
Good Luck.

1.QUESTION NO: 1

You are the Exchange administrator for TestKing. The Exchange organization contains 10
Exchange servers. All Exchange servers run Exchange Server 2003 and Microsoft
Windows 2000 Server. All client computers run Windows XP Professional.
A single Exchange server named TestKing1 is allowed to send and receive SMTP traffic to
and from the Internet. User mailboxes are evenly distributed across the other nine
Exchange servers. All Exchange servers host Microsoft Outlook Web Access and are
accessible from the Internet by using HTTP only.
You distribute Outlook to all users. You ensure that all users have personal digital
encryption certificates issued by a commercial certification authority (CA). Subsequently, a
new written security policy is issued. The policy requires encryption for all e-mail messages
that contain confidential data.
You need to ensure that all local and remote users can send and receive encrypted e-mail
messages. You must achieve this goal by making the minimum number of changes to the
protocols allowed into the intranet from the Internet.
What should you do?

A. Instruct local users to use Outlook to send encrypted e-mail messages.
Instruct remote users to use Outlook Web Access to send encrypted e-mail messages.
B. Instruct all users to use Outlook to send encrypted e-mail messages.
Configure all client computers to use RPC over HTTP to connect.
C. Instruct all users to use Outlook to send encrypted e-mail messages.
Instruct remote users to establish VPN connections to the Exchange server that contains
their mailboxes before they use Outlook.
Configure the network to permit VPN connections to all Exchange servers, configure
Routing and Remote Access on all Exchange servers to accept VPN connections.
D. Instruct all users to use Outlook to send encrypted e-mail messages.
Configure Outlook for local users to connect to the Exchange servers as an Exchange
client.
Configure Outlook for remote users to connect to the Exchange servers as a POP3 client.
Ensure that all Exchange serves can send and receive messages to and from the Internet.


Answer: A

Explanation :
Exchange exists on Windows 2000, and need ensure that all users have personal digital
encryption certificates issued by a commercial certification authority (CA). They can configure
external PKI certificates for each user mapped to each user account. This way users can utilize
Outlook or OWA to encrypt and answer A is valid.

Incorrect Answers :
B: The requirements for using OWA with S/MIME support include the following:
The server must be running Exchange Server 2003.
The client must be running Windows 2000 or later and Internet Explorer 6.0 Service Pack 1
(SP1) or later and a smart card or other certificate.
C: VPN connections will encrypt communications to and from Outlook and OWA servers.
However, the question requires a minimum number of changes to protocols and configuration.
Simply using the built-in features of Outlook and OWA 2003 will accomplish the task with no
changes. Therefore, this is not the best answer. D. :POP means a protocol change. Since this violates the requirement of a minimum number of
protocol changes, this is not the best answer.
Reference
See "Configuring Exchange Server 2003 for Client Access," in the book Exchange Server 2003
Deployment Guide
(http://www.microsoft.com/exchange/library).
Exchange Server 2003 Administration Guide

2.QUESTION NO: 2

You are the Exchange administrator for TestKing. The Exchange organization contains a
single server that runs Exchange Server 2003. The Exchange server supports POP3,
IMAP4, and MAPI clients. Company employees use various client software applications for
e-mail.
POP3 users report that they receive a Winmail.dat attachment on every e-mail message
that they receive. The attached file contains only random characters.
You need to ensure that POP3 users do not receive Winmail.dat attachments.
What should you do on the POP3 virtual server?


A. Configure the character set to US ASCII.
B. Configure the message encoding format to MIME.
C. Configure the message encoding format to UUENCODE.
D. Disable support of rich-text formatting.

Answer: D

According to the Microsoft Exchange Help: Exchange Server 2003Message Format
Use this tab to configure the way that MAPI messages are converted when retrieved by a Post
Office Protocol version 3 (POP3) client. You can choose the MIME encoding type and the
character set. You can also choose whether to send messages to POP3 clients in Exchange Rich
Text Format, Standard Text format, or both.
Note: Exchange Rich Text Format will not be used if HTML formatting is selected in Outlook.
Caution: You should only select this option if every client that will be connecting to this virtual
server supports Exchange Rich Text Format. Incompatible clients will display blank messages
with unviewable file attachments called winmail.dat.
Incorrect Answers: A. is incorrect, as there are many mail systems that do not use US ASCII for text. Forcing this
format will result in any email server that uses a non US ASCII character set to generate the
same winmail.dat file. A good example of this is anything sent overseas. Even if the receiving
email system is configured for US ASCII, any interim SMTP server that does not will generate
the winmail.dat file.


B: is not correct due to the fact that disallowed characters are replaced with plain text as possible,
but no winmail.dat file is generated. The winmail.dat file is generated by rich text formatting in
a message being ?set aside? into this file for incorporation at the destination. The winmail.dat
file contains all the rich text formatting information for the message. If a POP3 client can not
utilize rich text formatting, this file remains in the message, and contains unprintable characters.
Settings for the POP3 virtual server: C. is not correct, as UUEncode takes a binary file and converts to 7 bit ASCII. This is used in
news groups to convert a binary file such as a photograph to ASCII text.
Reference :
Exchange Server 2003 Administration Guide; Exchange Server 2003 Help File

3.QUESTION NO: 3

You are the Exchange administrator for TestKing. The Exchange organization contains a
single server that runs Exchange Server 2003.
After a new written company security policy is implemented on the Exchange server, the
SMTP virtual server is configured as shown in the Authentication dialog box in the exhibit.


External customers now report that they cannot send e-mail to TestKing from the Internet.
They receive error messages stating that they do not have permission to submit e-mail to
your Exchange server.
What should you do?

A. Enable anonymous access.
B. Enable basic authentication.
C. Reconfigure the relay restrictions to allow all IP addresses to relay to the SMTP virtual
server.
D. Specify that the NETWORK group has permission to submit messages to the SMTP
virtual server.

Answer: A

Explanation :
By default, the SMTP virtual server allows only authenticated users to relay e-mail messages.
This setting prevents unauthorized users from using your Exchange server to send e-mail
messages to external domains.
If your server is secured for relay, only authenticated users can send mail to the Internet using
your server.
To verify SMTP virtual server is configured to allow anonymous access
In Exchange System Manager, in the Properties dialog box of the SMTP virtual server, on the
Access tab, click Authentication.
In the Authentication dialog box (see Figure 5.15), select the Anonymous access check box (If it
were selected, this problem would not exist.)
Figure 5.15 Authentication dialog box
To permit use the SMTP connector to external users you need to permit anonymous user access
to SMTP connector.
Reference :
Exchange Server 2003 Administration Guide


4.QUESTION NO: 4

You are the Exchange administrator for TestKing.
One front-end server and three back-end servers run Exchange Server 2003.
The front-end server provides remote users with access to Microsoft Outlook Web Access.
The only server that is accessible from the Internet is the front-end server.
Many users report problems to the help desk when using Outlook Web Access for the first
time.
You discover that the majority of the problems are a result of the user?s lack of familiarity
with Outlook Web Access.
You need to ensure that users are automatically presented with a customizable Help and
Outlook Web Access logon Web page.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two)

A. Enable forms-based authentication to the front-end server.
B. Enable SSL on the front-end server. Require all users to use SSL when they connect.
C. Enable SSL on all the back-end servers. Require all users to use SSL when they connect.
D. Create an Active Server Pages (ASP) sign-on page for each back-end server.
E. Set the HTTP Exchange virtual directory?s Execute permissions to allow scripts.


Answer: A,B

Explanation :
A: Enabling forms based authentication on the SMTP virtual server is required, as this is what
will allow the form to be displayed when the user attempts to connect to the OWA server.
B is also required. Attempting to enable Forms Based Authentication will result in the following
dialog box:
To enable forms based authentication for Outlook Web Access: 1. Start System Manager: On the Start menu, point to Programs, point to Microsoft
Exchange, and then click System Manager.
You can manually start the application by following these instructions: On the Start menu, point
to Programs, point to Microsoft Exchange, and then click System Manager.
2. Navigate to HTTP.
Servers
1. Server
2. Protocols
3. HTTP
3. Right-click a virtual server, and then click Properties.
4. On the Settings tab, in the Outlook Web Access pane, select Enable Forms Based
Authentication, and then click OK.
Incorrect Answers:
C: Enabling SSL on all the back end servers will have no effect, as all the external clients are
connecting to the front end servers only. Remember that only the front end server connects to the
back end servers, and that communication is beyond the scope of this question.
D: Creating anything on the back end server is not helpful. Since all the external clients use the
front end servers to communicate, no outside user would ever see the sign on page created on the
back end server.
E: Setting the HTTP site?s virtual page to allow scripts will be automatically accomplished by
allowing forms based authentication. Therefore, it will not be explicitly required.
Reference
Exchange Server 2003 Administration Guide
What's New in Exchange 2003
Exchange Server 2003 Product Help


5.QUESTION NO: 5

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com. All users use Microsoft Outlook and Outlook Web Access
to send and receive e-mail.
TestKing hires 50 independent contractors. All contractors work off site. None of them
have user accounts in the domain. Internal users communicate with the contractors by email.
However, users report that they cannot find e-mail addresses for the contractors in
Outlook or in Outlook Web Access.
You need to ensure that all users can look up the e-mail addresses of the contractors in the
global address list (GAL). Your configuration must not give the contractors any permission
on any company resources.
What should you do?

A. For each contractor, create a mail-enabled User object in Active Directory.
Configure the User object to forward e-mail messages to the contractor?s e-mail address.
B. For each contractor, create a mail-enabled contact object in Active Directory.
Configure the Contact object to use the contractor's e-mail address.
C. Create an Outlook distribution list that includes all contractors.
Send the distribution list to all internal users in e-mail
D. Create an Outlook contact for each contractor?s e-mail address.
Send all Outlook contacts to all internal users in e-mail.


Answer: B

Explanation :
To see the contractors email you just need to create a contact object for each contractor and put
their mail address to forward the mail to the mail contact ? This explanation is correct, but the
correct answer to match this explanation is ?B?, not ?A?. A mail-enabled contact, not a mailenabled
user object needs to be created in order to prevent the contractors from having any rights
in the organization.
Contact: An Active Directory object that represents a user who is outside of the Exchange
organization. For example, a contact may represent a user at another company.
Incorrect answers:
A: is incorrect because the question states that the contractors must not be allowed any access to
the company resources. If a user object is created, they will have some permissions on the
domain unless other precautions are taken. (Domain users have access to many resources such as
printing.) Since the question does not state these precautions are taken, ?A? can not be correct.
C: A distribution list for the contractors can not be created since they do not have any
information in Active Directory. In order for the contractors to show up for a Distribution List,
they must first either be created as users or as contacts.
D: This answer will not list the contractors in the GAL. In addition, it would be very labor
intensive and not centralized.
Reference :
Exchange Server 2003 Administration Guide

6.QUESTION NO: 6

You are the Exchange administrator for TestKing. All network servers run Microsoft
Windows Server 2003. The network contains a two-node server cluster.
Another administrator installs Exchange Server 2003 on the cluster in an active/passive
configuration. When you test the installation, you discover that Exchange is not running on
the cluster. Exchange services are set to manual startup and are not running on either
node.
You need to ensure that Exchange is running on the cluster.
What should you do?

A. Configure all Exchange services to start automatically on the active node.
Reboot the active node.
B. Configure all Exchange services to start automatically on both nodes.
Reboot both nodes.
C. Create a new cluster resource group for the Exchange server and create a System
Attendant resource.
D. In Exchange Server 2003, run the setup /disasterrecovery command to reinstall
Exchange Server 2003 on the active node.


Answer: C

Explanation :
It is only stated that Exchange has been installed in a Cluster. However, to permit an active
passive configuration, they need to perform the additional task: Create a new cluster resource
group for the Exchange server and create a System Attendant resource for the
active/passive configuration.
Customizing Your Exchange Cluster Configuration
When you deploy Exchange Server 2003 in a cluster, you must accept many default settings. For
instance, your Exchange cluster consists of Exchange Virtual Servers that are created using the
New Group Wizard. However, this wizard does not allow you to configure all of the possible
failover options for your Exchange Virtual Servers. Similarly, the New Resource Wizard, which
creates an Exchange System Attendant resource for your Exchange Virtual Server, automatically
creates the remaining Exchange resources, like the Exchange store and the MTA, using the
default settings for each of these additional resources.
Because initial cluster deployment usually involves so many default settings, you may need to
customize your cluster configuration settings. This customization is important not only to
achieve your cluster objectives, but also to achieve optimal cluster performance. Improper cluster
configuration is the source of many of the Exchange-related issues handled by Microsoft Product
Support Services. For this reason, carefully follow the recommendations in this chapter to ensure
your clusters perform optimally.
Configuring Exchange Virtual Server Settings
When you create your Exchange Virtual Servers, the default properties that are applied at that
time should allow your Exchange cluster to operate adequately. However, you may want to
modify these settings to customize your clusters to accommodate your specific Exchange
environment.
To change the configuration settings for an Exchange Virtual Server, you use the property
settings associated with that Exchange Virtual Server object. These property settings instruct
Cluster Service in how to manage your Exchange Virtual Servers.


7.QUESTION NO: 7

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com. All network servers run Microsoft Windows Server 2003.
The relevant portion of the network configuration is shown in the exhibit.
Each of the five offices is defined as a separate Active Directory site. Each site contains one
global catalog server, which also provides DNS services for all local computers. The global
catalog servers are named TESTKING1 through TESTKING5.
Active Directory replication is managed by the company?s networking group. The server in
each branch office replicates with the main office once a day after regular business hours.
To avoid saturating the WAN connections or overloading TESTKING1, the starting times
for replication are staggered by one hour. Active Directory replication cannot be forced to
occur at any time other than the regularly scheduled replication interval.
Management decides to implement Exchange Server 2003 as the companywide messaging
system. Each office requires its own Exchange server, which must be located in a separate
routing group. Necessary hardware is purchased. All appropriate software is installed in
each office to prepare for the installation of Exchange. You install Exchange on a new
server in the main office and create all of the routing groups. Then you immediately begin
to remotely install Exchange on a new server in one of the branch offices. However, you are
unable to select a routing group in which to place the server. You cancel the installation.
You need to ensure that you can complete the installation of the branch office Exchange
servers before the end o the business day.
What should you do?

A. First configure the new server in each branch office to point to TESTKING1 as its
primary DNS server.
Then install Exchange Server 2003 on the new server.
B. First configure the new server in each branch office to point to the local global
catalog server as its primary DNS server.
Then install Exchange Server 2003 on the new server.
C. On the new server in each branch office, install Exchange by running setup
/choosedc and specify TESTKING1.
D. On the new server in each branch office, install Exchange by running setup
/choosedc and specify the local global catalog server.


Answer: C

They tell us that the schedule can not been modified or forced, Exchange server 2003 installation
needs to lookup for the CG attributes for Exchange, the new server site can not been installed
until the replication occurs, but they can use the new Exchange Server 2003 switch /ChooseDC
and select TestKing1 as the GC to successfully install Exchange. Exchange Server 2003
includes a new switch that is supported by the Exchange 2003 Setup program. This switch is
named the /chooseDC, and you can use it to specify the domain controller that Setup must use
during installation to read and to write Microsoft Active Directory service information. You can
use the /chooseDC switch in combination with other Exchange 2003 Setup switches, including
/domainprep.
Reference :
Description of the /ChooseDC Switch in Exchange Server 2003 822593
Setup Options for Exchange Server 2003 822893

8.QUESTION NO: 8

You are the Exchange administrator for TestKing. The company?s network consists of a
single Active Directory domain named testking.com.
You attempt to install Exchange Server 2003 on your existing Exchange Server 5.5
computer. Setup fails, and you receive the following error message: ?This version of
Microsoft Exchange does not support upgrading from Exchange Server 5.5.?
You need to ensure that Exchange Server 2003 can be installed on the existing exchange 5.5
server.
What should you do?

A. Install the Exchange Sever 2003 Active Directory Connector (ADC).
B. Upgrade the Exchange 5.5 server to Exchange 2000 Server.
C. Upgrade the operating system of the Exchange 5.5 server to Microsoft Windows Server
2003.
D. Run the commands to clean and prepare the forest and to prepare the domain for
Exchange Server 2003.


Answer: B

Explanation :
In-place upgrade from Exchange Server 5.5 to Exchange 2003 is not supported. Because they ask
to us for an in place upgrade, an upgrade to Exchange 2000 is required. After that, from
Exchange 2000 to Exchange 2003.
They do not tell use if the ADC is running or not, for this reason I do not consider answer ?A?,
although is a required step to upgrade ADC to Exchange 2003, they ask to us for in place
upgrade
Exchange 5.5 to Exchange 2000 In-Place Upgrade Method
With the in-placed upgrade method, you can take an existing Exchange Server 5.5 SP3 or SP4
server and install Exchange 2000 Server on it. In this way, you upgrade your existing Exchange
Server databases and connectors to Exchange 2000 Server. When you use this method, you must
perform all prerequisites and testing for the installation of Exchange 2000 Server.
You must upgrade Active Directory Connectors (ADCs) to the version of ADC that is included
in Exchange 2003 before you can install the first Exchange 2003 computer in your organization.
The installation of the first Exchange 2003 ADC increments all connection agreement version
numbers that are hosted on the server.
Understanding this option is available is important, but including it in a discussion of the
question is not relevant, and will end up confusing the user come exam time.
References
Considerations When You Upgrade to Exchange Server 2003 822942
Overview of Operating System and Active Directory Requirements for Exchange Server 2003
822179
XADM: Description of Exchange Server Migration Methods 327928


9.QUESTION NO: 9

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com. Currently, companywide messaging services are provided
by an IMAP4 mail server.
You create a new Exchange organization to replace the existing messaging system.
Exchange Server 2003 is installed on all Exchange servers. All IMAP4 mailbox data must
now be migrated to an Exchange server named TestKing1. IMAP4 users already have user
accounts in the domain. You manually create a migration file that lists all IMAP4 users.
Then you perform a one-step migration of the IMAP4 mailbox data. The migration
completed with errors. The migration summary is shown in the exhibit.
You verify that the Active Directory user accounts for the IMAP4 users have Exchange
mailboxes on TestKing1. However, the mailboxes are empty.
You need to ensure that all IMAP4 mailbox data is migrated to the new Exchange
mailboxes.
What should you do?

A. Enable and start the Exchange IMAP4 service on TestKing1 and return the one-step
migration.
B. Create an Active Directory user account that has the same user name and password as the
IMAP4 mail administrator.
Assign the Send As permission on TestKing1 to the new account.
Use the new account to log on to TestKing1 and rerun the one-step migration.
C. Collect the Exchange alias name of each new Exchange mailbox.
Use this information to update the migration file and rerun the one-step migration.
D. Collect the IMAP4 mailbox password of each IMAP4 user.
Use this information to update the migration file and rerun the one-step migration.


Answer: B

Explanation :
IMAP4 users already have user accounts in the target domain and you manually create a
migration file that lists all IMAP4 users. Exchange Migration Wizard must have appropriate
permissions in the original mail account and in the destination to be able to access. In order to do
that you will need to give the account the send as permission to the Migration wizard account
The Migration Wizard is stand-alone application that is installed on your computer during
Exchange setup. Migration Wizard consists of two types of components: source extractors and a
migration file importer. Source extractors copy directory information, messages, and calendar
information from various messaging systems. They save the data in and intermediate file format
that can be read by the migration file importer.
After the information is in an intermediate file format, the migration file importer imports
directory information to Active Directory and then adds messaging data to Information Store.
You can perform both steps in this two-step process (extract and then import) the same time or in
separate steps.
Create a List of Accounts
You can manually create a list of merge operations for Active Directory Account Cleanup
Wizard to perform. You can create a list of merge operations in Notepad or any other
application that uses the .csv format.
Note You need to create a list of merge operations manually only if you have a particular
reason to do so; for example, you might want to create a list of merge operations manually if you
already have a list of accounts to be merged in the correct .csv format for the wizard.
Grant or Deny Mailbox Permissions to a User or Group
You can grant or deny permissions for a mailbox-enabled user, or mail-enabled user or
group, that enables them to access another's mailbox. This is helpful when you want to
enable a user or group to have permissions to another's mailbox. For example, you can give a
mailbox-enabled user send as permissions to another user's mailbox; or you can deny a mailenabled
group from reading permissions of an existing user.
To create a list of accounts to be merged in Notepad:
1. Open Notepad.
2. In a blank Notepad document, type Source,Target on the first line.
3. On the following lines, type the source and target accounts for the merge operations you
want to add:
,

10.QUESTION NO: 10

You are the Exchange administrator for TestKing. The network contains a single Exchange
Server 2003 computer. The Exchange server contains a single storage group that contains
one mailbox store and one public folder store.
The server is configured with two logical drives. System files and Exchange transaction log
files are located on drive C. Exchange database files, which have a total size of 80 GB, are
located on drive D.
Except for the company?s 10 managers, all users have a mailbox size limit of 100 MB.
Managers have no size limit set on their mailboxes. The average mailbox size for managers
is 2 GB. Managers frequently use advanced searched to locate messages in their mailboxes.
Each search requires more than three minutes to complete.
You need to ensure that managers can search their mailboxes more quickly and that each
manager?s search includes all messages in the mailbox. Your solution must have the
minimum amount of impact on e-mail performance for other users.
What should you do?

A. Create a full-text index on the mailbox store and configure full-text indexing to run once
per week during non business hours.
B. Create a full-text index on the mailbox store and configure full-text indexing to run
continuously.
C. Create an additional mailbox store. Move all managers? mailboxes to the new mailbox
store.
Create a full-text index on the mailbox store and configure full-text indexing to run
continuously.
D. Create an additional mailbox storage group and an additional mailbox store.
Move all managers? mailboxes to the new mailbox storage group.
Create a full-text index on the mailbox store and configure full-text indexing to run
continuously.

Answer: C

Incorrect Answers :
A: Running the full text indexer once a week will not include all messages in index, and will
give incomplete search results. Therefore it does not satisfy the requirement given in the question
to ensure that managers can search their mailboxes more quickly and that each manager?s search
includes all messages in the mailbox .
B: Performance reasons - the solution must have the minimum amount of impact on e-mail
performance for other users. Indexing the entire store will take significant CPU usage as well as
hard drive time and space. It is not necessary to do full text indexing on the entire store when
only the managers need this capability.
D: Performance reasons - creating another storage group and mailbox store on the same disk will
decrease performance
Reference :
Exchange 2003 Admin Guide

11.QUESTION NO: 11

You are the Exchange administrator for TestKing. Exchange Server 2003 runs on a
Microsoft Windows Sever 2003 member server. The Exchange server contains one mailbox
store and one public folder store.
A free disk space warning threshold is configured for the Exchange server. However, when
the amount of free disk space is below the threshold, the help desk mailbox does not receive
an e-mail notification.
You need ensure that the help desk is notified if the server?s free disk space is below the
specified threshold.
What should you do?

A. Configure an e-mail notification to occur when free disk space is in a warning state.
B. Configure the server?s mailbox management process to send summary reports to the help
desk.
C. Configure the help desk?s e-mail address as the non-delivery report (NDR) address on the
SMTP virtual server.
D. Configure the warning message intervals on the mailbox store and the public folder store
to use a custom schedule that allows notification 24 hours per day, seven days per week.


Answer: A

Explanation:
Notify an Administrator by E-mail
You can send an e-mail message to an administrator when a server or connector enters a warning
state or critical state. The server and connector states are set on the Monitoring tab of a server or
connector. The subject line and body of the e-mail message are automatically created; their
content depends on which server is monitoring the servers and connectors in your organization,
and which servers and connectors are being monitored. However, if problems exist between the
monitoring server and the server or connector being monitored, the message may not be
delivered.
Reference:
Exchange 2003 Server Help

12.QUESTION NO: 12

You are the Exchange administrator for TestKing. The Exchange organization contains a
single server named TestKing3. TestKing3 runs Exchange Server 2003 and hosts all user
mailboxes. TestKing3 also functions as an SMTP gateway for Internet e-mail. A firewall
separates the internal network from the Internet and allows only SMTP traffic to each
TestKing3.
One afternoon, users report extremely slow response times on TestKing3. Some users
cannot access the server at all. You examine network traffic to TestKing3 and conclude
that the server is the target of an external distributed denial of service (DDoS) attack.
Your immediate need is to prevent the attack from affecting TestKing3. You must
minimize the effect of your actions on internal e-mail users.
What should you do?

A. Stop the SMTP service on TestKing3.
B. Reconfigure TestKing3 to prohibit all POP3 and IMAP connections.
C. Reconfigure the firewall to prohibit all incoming SMTP traffic.
D. Reconfigure TestKing3 to accept only POP3 connections.
Instruct users to access TestKing3 by using POP3 client software.
E. Configure TCP/IP filtering on TestKing3 to permit only RPC traffic.


Answer: C

Explanation :
The primary goal should be to stop the denial of service attack of the Exchange Server. The
most efficient way to do this WITHOUT affecting the internal E-mail users is to shut down the
SMTP traffic by reconfiguring the firewall.
Incorrect answers:
A: Stopping the SMTP service will also shut down all the internal mail, which violates the last
requirement of the exam.
B: Prohibiting IMAP and POP3 connections will not prevent the incoming SMTP traffic (which
is the root of the DDoS attack)
D: While this would stop the DDoS attack, it would require a lot of reconfiguration on the
clients, and hence disrupt all the internal e-mail users. This is a violation of the last requirement
of the question.
E: This answer is incorrect for the same reason ?D? is incorrect. Only allowing RPC traffic
would prevent internal clients from connecting. Remember that internal clients will be using
SMTP to communicate. Allowing ONLY RPC traffic will prevent the internal users from
connecting to the Exchange server.


13.QUESTION NO: 13

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com. The functional level of the domain is Windows Server
2003. The network contains a single Exchange Server 2003 computer that contains a single
storage group with one mailbox store. You perform full nightly backups of the storage
group.
You store the transaction log files on drive F and the database files on drive G. You have
created the Recovery Storage Group by using the G:\Exchsrvr\Recovery Storage Group
path for the restored database files.
A user named Tess reports that she can no longer access any network files and that her
mailbox is not functioning. Other users report that they cannot find Tess?s name in the
global address list (GAL). You discover that Tess?s Active Directory account was deleted 20
minutes ago. You re-create Tess?s accounts in Active Directory.
You need to ensure that Tess has access to her most current e-mail message. Your solution
must result in the least amount of mailbox downtime for Tess.
What should you do?

A. Create a new mailbox for Tess.
Restore the Exchange database to the Recovery Storage Group.
Mount the mailbox store.
Use Exmerge to extract Tess?s mailbox to a .pst file.
Deliver this .pst file to Tess.
B. Create a new mailbox for Tess.
Restore the Exchange database to the Recovery Storage Group.
Mount the mailbox store.
Use Exmerge to merge Tess?s old mailbox data into her new mailbox.
C. Set up a recovery mailbox server.
Restore the Exchange database.
Use Exmerge to extract Tess?s mailbox to a .pst file.
Deliver this .pst file to Tess.
D. Run the Cleanup Agent.
Use Mailbox Recovery Center to reconnect Tess?s mailbox to her newly created account.

Answer: D

Explanation :
By default Exchange keep any mailbox deleted seven days, to recover a single mailbox
to recover a single mailbox you just need to recreate a deleted USER
ACCOUNT, run the cleanup agent and reconnect the mailbox to the new account
To Restore a Mailbox by Using Exchange System Manager:
1. Start Exchange System Manager
2. If the Display administrative groups option is enabled, expand Administrative
Groups, and then expand AdministrativeGroup (where AdministrativeGroup is the name
of your administrative group).
Note: To display administrative groups, right-click YourOrganization, click Properties,
click to select the Display administrative groups check box, click OK, click OK, and
then restart Exchange System Manager.
3. Expand Servers, expand YourServerName, and then expand YourStorageGroupName.
4. Expand Mailbox Store, right-click Mailboxes, and then click Run Cleanup Agent.
5. Right-click the mailbox that you want to recover, and then click Reconnect.
6. In the list of Microsoft Active Directory directory service accounts that appears, click the
user account where you want the mailbox to connect, and then click OK.
7. Quit Exchange System Manager.
Reference
HOW TO: Recover or Restore a Single Mailbox in Exchange Server 2003 823176

14.QUESTION NO: 14

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain named testking.com. The Exchange organization contains two servers
named Exch1.testking.com and Exch2.testking.com. Both servers run Exchange Server
2003.
Users who have mailboxes on Exch1.testking.com report that their e-mail messages are not
being delivered to other users on the network. However, these users can open their
mailboxes and read the e-mail messages in their mailboxes. You discover that users who
have mailboxes on Exch2.testking.com can send e-mail messages to mailboxes on the same
server. However, e-mail messages sent to mailboxes on Exch1.testking.com are not
delivered. You open Queue Viewer on Exch2.testking.com. The queue information is shown
in the exhibit.
You need to ensure that all users can send and receive e-mail messages.
What should you do? (pictire)

A. Configure the SMTP virtual server on Exch1.testking.com to accept only authenticated
connections.
B. Start the SMTP service on Exch1.testking.com.
C. Configure a mail exchanger (MX) resource record for Exch1.testking.com on the DNS
server that is authoritative for testking.com.
D. Start the IMAP4 and POP3 services on Exch1.testking.com.

Answer: B

Explanation :
These can success if the advanced queuing engine may not be able to access the global catalog
servers or to access the recipient information. In this case the problem is due to the smtp service,
if the service is stopped for any reason the messages can not be resolved to any destination
Incorrect Answers:
A: Configuring Exchange to accept Authenticated connections is used only to permit Domain
authenticated users to send mail. It will not affect mail delivery in this case, as all users have
authenticated connections.
C: Exchange Server does not need to have a MX record to deliver mail within organization.
Exchange use SRV records to locate a Global Catalog through DSaccess component.
D: There is no problem with POP or IMAP protocols. Exchange Server uses MAPI by default
Queue: Messages awaiting directory lookup
Description: This queue contains messages to recipients who have not yet been resolved against
the Microsoft Active Directory service. Messages are also held in this queue while distribution
lists are expanded.
Troubleshooting: Generally, messages accumulate in this queue because the advanced queuing
engine cannot categorize the message. The advanced queuing engine may not be able to access
the global catalog servers or to access the recipient information. Or, the global catalog servers
are unreachable or are performing slowly.
Reference
How to Use Queue Viewer to Troubleshoot Mail Flow Issues 823489

15.QUESTION NO: 15

You are the Exchange administrator for TestKing. The Exchange organization contains a
single Exchange Server 2003 computer named TestKingSrvA. The Exchange server
contains one mailbox store.
The Active Directory administrator informs you that he accidentally deleted a user account
and mailbox. You immediately investigate and discover that the mailbox is still listed in the
mailbox store.
You need to ensure that the user can access the mailbox.
What should you do?
A. Run the Cleanup Agent on the mailbox store.
B. Execute the mailbox management process on the Exchange server.
C. Ask the Active Directory administrator to perform an Active Directory authoritative
restore of the user object.
D. Ask the Active Directory administrator to perform an Active Directory non-authoritative
restore of the user object.

Answer: C

Explanation :
In this case the user account has been deleted along with the mailbox account. It is possible to
recreate the user account and reconnect the mail to the new account, but in that case the new
account will have a new SID and lose any permissions. Therefore, the administrator needs to
perform an authoritative restore for the user that was deleted.
Incorrect answers:
A: Running the Cleanup Agent will show the orphaned mailbox. It can be used to connect to a
recreated account to retrieve mail. However, doing this will not recreate all permissions the
account contained. In addition, a new user account would have to be created to attach the email
account to, and since this is not done, this is not a correct answer.
B: The Mailbox Management process will not affect a Mailbox recovery in any way. Mailbox
Management is used to define Mailbox Recipient Policies
D: Performing a non-authoritative restore would restore the mailbox and the associated account.
However, when the domain controller is restarted, the changes from other domain controllers
would once again remove the user object. Remember that a non-authoritative restore will restore
an object, but it is not authoritative, and hence will be overwritten by any other domain controller
that has newer information.

16.QUESTION NO: 16

You are the Exchange administrator for TestKing. The network contains an Exchange
Server 2003 active/passive cluster that contains nodes named TestKingSrvA and
TestKingSrvB. The cluster contains a single Exchange Virtual Server (EVS).
TestKingSrvA is the preferred owner of the EVS.
TestKingSrvA has intermittent hardware failures that cause it to go offline. When
TestKingSrvA goes offline, the EVS fails over to TestKingSrvB.
You need to change the cluster configuration so that the EVS remains online while you
troubleshoot the cause of the hardware failure.
What should you do?

A. In Cluster Administrator, select the option to move the cluster group to TestKingSrvB.
Remove TestKingSrvA as a possible failover node.
B. In Cluster Administrator, select the option to move the cluster group to TestKingSrvB.
Select the option to prevent failback to TestKingSrvA.
C. Create a new cluster group.
Move all the Exchange cluster resources to the new cluster group.
Select TestKingSrvA and TestKingSrvB as the preferred owners of the cluster, and
ensure that TestKingSrvA is selected at the top of the possible owners list.
D. Create a new cluster.
Move all the Exchange cluster resources to the new cluster group.
Select the option to prevent failback to TestKingSrvA.


Answer: B

Explanation :
Specifying Preferred Owners
During the creation of an Exchange Virtual Server, you have the option of defining a list of
preferred cluster nodes or preferred owners for that server. Cluster Service uses this list of
preferred owners when assigning the Exchange Virtual Server to a node. Cluster Service first
tries to assign the Exchange Virtual Server to the first node in the list. If that node is unavailable,
Cluster Service tries the next node in the list. If that node is unavailable, Cluster Service
continues down the list, until it can assign the Exchange Virtual Server to a node. If Cluster
Service cannot find an available node in the preferred owners list, it tries to fail over to the other
available nodes in the cluster that have Exchange installed.
By default, you do not have to specify any preferred owners. If you do not specify owners,
Cluster Service assigns an Exchange Virtual Server to the next available node that has Exchange
installed.
Specifying Failover Options
When configuring how Cluster Service manages failovers, consider the Threshold and Period
options on the Failover tab (see Figure 8.7). The Threshold setting determines the number of
times that the Exchange Virtual Server can fail over during the failover Period. If the actual
number of failovers exceeds the threshold during the failover period, the Exchange Virtual
Server may be in a failed state, and Cluster Service will not bring it online. The default and
recommended settings for these failover options are to have Exchange fail over 10 times in a
6-hour period.
1. To specify the failover options for an Exchange Virtual Server
On the Failover tab (see Figure 8.7) in the Exchange Virtual Server's Properties dialog box,
type a value for the Threshold and Period options.
Figure 8.7 Failover tab in the Properties dialog box for an Exchange Virtual Server

Setting Failback Options
Used in conjunction with the Failover tab, the Failback tab (see Figure 8.8) helps define what
happens during a failover. On this tab, you have the option of preventing failback from occurring
automatically (the default), or allowing failback to occur automatically.
Preventing Failback If you do not allow an Exchange Virtual Server to fail back, an
administrator must intervene and manually move the server back to the original, preferred node.
This may be your preferred setting because it allows you to control when the failback occurs. For
example, you may want to select Prevent failback if you want to take time to troubleshoot or run
diagnostics on the failed node before allowing the node to take ownership of the Exchange
Virtual Server again.
You can also use this setting to minimize downtime for users. For example, consider a scenario
where a failover that occurs at 3:00 P.M. causes EVS1 to move from Node 1 to Node 4 (the
stand-by node). By preventing failback, you can wait until the end of the work day to manually
move EVS1 back to Node 1, and users do not have to experience downtime waiting for the
server to come back online after the move.
Allowing Failback
By allowing an Exchange Virtual Server to fail back to the preferred node automatically, you can
also specify when this failback should happen: either immediately or during a specified time
interval.
This is the preferred setting if you want to have Cluster Service manage the cluster without any
manual administrator intervention.

To specify the failback options for an Exchange Virtual Server
On the Failback tab (see Figure 8.8) in the Exchange Virtual Server's Properties dialog box,
select the failback options for the server.
Figure 8.8 Failback tab in the Properties dialog box for an Exchange Virtual Server

17.QUESTION NO: 17

You are the Exchange administrator for TestKing. The Exchange organization contains a
single server TestKingSrv that runs Exchange Server 2003. The Exchange server hosts 500
users and contains one storage group and one mailbox store. The size of the mailbox store
is 23 GB. Every night, a full backup is performed on the storage group.
The mailbox store fails. When you attempt to bring it back online, the mailbox store fails to
mount. You discover that the mailbox store is corrupted.
You need to restore all the Exchange mailboxes without losing any data.
What should you do?

A. Restore the mailbox store and the transaction log files.
Replay the transaction log files.
B. Restore the mailbox store but not the transaction log files.
Do not replay the existing transaction log files.
C. Restore the mailbox store but not the transaction log files.
Replay the existing transaction log files.
D. Restore the mailbox store and the transaction log files.
Delete the restored transaction log files.


Answer: A

Explanation :
In order to prevent losing data, the existing transaction logs must be replayed. If the transaction
logs are restored as stated in the question, they would overwrite any logs that currently exist, and
therefore delete any messages that were created from the last backup until the time of the failure.
Incorrect answers:
A: If this option is chosen without specifying a different location for the log files, the restore will
overwrite all transactions that took place from the time of the backup until the time of the failure.
Note that the question does not provide for an alternate recovery location. It must be assumed
that the restore operation takes place in the original location.
B: Not replaying the transaction log files will result in a database that is current up until the time
of the backup, but not after that. This is a violation of the requirement that the most current data
be available, and disqualifies this from being a possible answer.
D: Simply restoring the transaction log files is not enough. The log files must also be replayed.
To restore then delete the log files accomplishes nothing. Only the data that was in the database
at the time of the backup would be usable.
Following is the procedure to replay the logs:
To work around this behavior and replay the logs, you must copy all the transaction logs that
you want to recover to the temporary restore folder that you defined in the restore process. To
copy all the transaction logs that you want to recover to the temporary restore folder and then
replay the logs, follow these steps:
Restore all the online backups to the recovery server:
Click Start, point to Programs, point to Accessories, point to System Tools, and then click
Backup.
Click the Restore tab, click to select the files to restore, and then click Start Restore.
In the Restoring Database Store dialog box, type the name of the folder where you want to
temporarily locate the log files in the Temporary location for the log and patch files box, and
then click OK.
Important
Do not click to select the Last Backup Set check box. You can only copy all the transaction logs
to the temporary restore folder before you start the manual replay process if you leave this check
box unselected.
In the Enter Backup File name dialog box, enter the location of the backup file, and then click
OK.
Copy all the offline log files to the Temp_restore_folder\Storage_group_name folder, where
Temp_restore_folder is the temporary restore folder that you defined in the restoration process
and Storage_group_name is the name of the storage group.

Make sure that the log files are contiguous.
Log replay only plays forward as long as the sequence is contiguous. When the sequence is
interrupted, replay stops.
After you are satisfied with the state of the log files, switch to the
Temp_restore_folder\Storage_group_name folder, and then run either of the following
commands from the command prompt:
c:\exchsrvr\bin\eseutil /cc
-orc:\
program files\exchsrvr\bin\eseutil /cc
These commands force an Eseutil manual log recovery. After this process is complete, you can
manually mount the databases that you restored.
Overview of the Exchange 2003 Restore Process
When a restore operation begins, Backup informs the extensible storage engine (ESE) that the
process has begun, causing ESE to enter restore mode. Next, the database is copied from the
backup media directly to the database target path (a database is comprised of a pair of files: an
.edb file and a .stm file). ESE then creates an extra storage group in which to mount the
databases; this storage group is separate from the original storage group in which the databases
are located. Finally, the associated log and patch files are copied to a temporary folder.
Note: To specify the temporary location for the log and patch files, use the Temporary location
for log and patch files option in Backup. For each storage group that you restore, Exchange
creates a subfolder within the specified temporary directory; therefore, you can simultaneously
restore multiple databases within the same storage group in the same job. If you perform separate
restore jobs simultaneously, you should specify a different temporary folder for each restore job
so you can perform a hard recovery without interfering with other databases running in the
storage group.
References:
You Cannot Mount the Information Store Database After an Online Restore 823016
MS white paper Disaster Recovery for MicrosoftR Exchange 2000 Server
HOW TO: Use the Eseutil Utility to Perform a Checksum Procedure on a streaming file 823167
Offline Backup and Restoration Procedures for Exchange 296788


18.QUESTION NO: 18

You are the Exchange administrator for Acme. TestKing has a business partnership with
Testking. The two companies share a single network and a single Exchange organization.
Each company has its own Active Directory domain named testking.com. The domains are
named acme.com and testking.com, respectively. Both domains are contained in a single
forest. The relevant portion of the network configuration is shown in the Network exhibit.
A new e-mail design document states the following requirements:
.. All inbound Internet e-mail messages for acme.com must be delivered to
Exch1.acme.com. If this server is not available, the e-mail messages must be
delivered to TestKing1.testking.com.
.. All inbound Internet e-mail messages for testking.com must be delivered to
TestKing1.testking.com. If this server is not available, the e-mail messages must be
delivered to Exch1.acme.com.
You discover that mail1.testking.com and Exch1.acme.com receive equal numbers of
Internet e-mail messages that are intended for acme.com. mail1.testking.com and
Exch1.acme.com also receive equal numbers of Internet e-mail messages that are intended
for testking.com. You use the nslookup command to view the Internet mail exchanger
(MX) resource records for the two domains. The output is shown in the Nslookup exhibit:
You need to ensure that the e-mail messages for each domain are delivered as stated in the
e-mail design document.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two)

A. Set the priority for the Exch1.acme.com MX record in acme.com to 20.
B. Set the priority for the Exch1.acme.com MX record in testking.com to 20.
C. Set the priority for the mail1.testking.com MX record in acme.com to 20.
D. Set the priority for the mail1.testking.com MX record in testking.com to 20.
E. Remove the MX record for Exch1.acme.com from the testking.com zone.
F. Remove the MX record for mail1.testking.com from the acme.com zone.

Answer: B, C

Explanation:
In this case with a MX cost of 10 mail will be routed to his domain until the connector fail and
use the next on cost 20, this apply to both domains
Exchange 2003 provides load balancing in the form of a round-robin DNS between servers, both
sources and targets. A round-robin DNS is a mechanism that directs incoming requests to servers
on a rotating basis. This is done by looping through a list of IP addresses belonging to the servers
in the configuration. When an e-mail client attempts to access a mailbox on an Exchange server,
the client is given the first IP address on the list. The second client request is given the second IP
address in the list, and so on. If there are four servers on the round-robin list, all four IP
addresses are used before the first IP address is used again, and the loop starts over. In addition,
Exchange 2003 offers improvements over the Exchange 5.5 Site Connector if one of the source
bridgehead servers is down
Exchange connectors automatically try not to use that server until it comes back up. If there are
multiple connectors with the same cost, each server picks a random connector and uses it for a
period of time. Over multiple servers, this functionality simulates round-robin behavior.
Reference :
Exchange server Resource Kit
Chapter 7 - Migrating Transports, Connectors, and Hubs

19.QUESTION NO: 19

You are the Exchange administrator for TestKing. The Hong Kong and Tokyo offices each
have a routing group that contains an Exchange Server 2003 computer. The two Exchange
servers are named HongKongMail and TokyoMail.
You add a new office names Beijing to the network. The Beijing office has a routing group
that contains an Exchange Server 2003 computer named BeijingMail. The relevant portion
of the network is configured as shown in the exhibit.
You test the connectivity from HongKongMail to BeijingMail by running the ping
command, but you receive no response. You can ping TokyoMail from HongKongMail and
you can ping TokyoMail from BeijingMail. You perform a test on HongKongMail by
running the tracert command, and you receive the following result.
You need to enable network connectivity between HongKongMail and BeijingMail. All
changes will be implemented by the network administrator.
Which action should you ask the network administrator to perform?

A. On HongKongMail, create a static IP route to 131.107.30.10.
B. On Router1, create an IP route to the 131.107.30.10.
C. On Router1, create an IP route to the 131.107.30.0 network.
D. On Router4, create an IP route to the 131.107.30.0 network.

Answer: C

Explanation :
The tracert command shows us:
? First HOP IP address 131.107.10.1
? Second Hop IP address 131.107.1.1 (Internet router)
One Network hop is the router 1 IP 131.107.10.1 and next one 131.107.1.1 this means that router
one does not have a default route to reach the Beijing network 137.107.30.x and BeijingMail
Server IP 131.107.30.10.
In this case we need to add to router one a route to reach Beijing network
Reference
Basic Routing


20.QUESTION NO: 20

You are the Exchange administrator for TestKing. The company operates a main office
and one branch office. Both offices are connected to the Internet. A VPN provides
interoffice connectivity. The relevant portion of the network is configured as shown in the
exhibit.
The network consists of a single Active Directory domain testking.com. Each office
contains one domain controller and one server that runs Exchange Server 2003. The
domain controllers are name DC1 and DC2. The Exchange servers are named TestKing1
and TestKing2. In each office, all user mailboxes are hosted on the local Exchange server.
Microsoft Outlook is the only e-mail client in use.
When users in the branch office send e-mail messages, they report that Outlook sometimes
requires several minutes to resolve user names to e-mail addresses. The problem occurs
intermittently, but it affects all users in the branch office. These users experience no delays
when they open e-mail messages and attachments. Users in the main office no not
experience any delays when they open e-mail messages or when user names resolve to email
addresses.
You need to improve the performance of Outlook name resolution in the branch office.
What should you do?

A. Configure DC2 as a global catalog server.
B. Configure the interoffice VPN to pass LDAP traffic.
C. Configure the client computers in the branch office to authenticate to DC2.
D. Modify Active Directory to place both office networks in the same site.

Answer: A

Explanation:
DS1 is the only Catalog server. Adding a GC to the branch office will enable Exchange to look
up the attributes of the user it needs, and hence resolve the issue. The problem was intermittent
due to traffic on the network. When traffic was high, response was slow.

21.QUESTION NO: 21

You are the Exchange administrator for TestKing. The network consists of two subnets.
The relevant portion of the network is configured as shown in the following diagram.
Subnet A contains 25 client computers that receive their TCP/IP configuration from a
DHCP server. The properties of the subnet A scope on the DHCP server is shown in the
exhibit.
Subnet B contains only a single Exchange Server 2003 computer named TestKing1.
Users in subnet A report that they cannot connect to TestKing1. You run the ping
131.107.50.126 command on a client computer in subnet A. You receive the following error
message: ?Request times out?.
You need to ensure that the client computers in subnet A can connect to TestKing1.
What should you do?

A. Change the IP address of TestKing1 to 131.107.50.130.
B. Change the subnet mask of TestKing1 to 255.255.255.224.
C. Change the IP address of the subnet A interface on Router1 to 131.107.50.65.
D. Change the subnet mask of the client computers in subnet A to 255.255.255.224.
E. Change the default gateway of the client computers in subnet A to 131.107.50.129.


Answer: A

Explanation :
We need to include server in the same network ID as the network card of the router in subnet B
DCHP range, going from IP address 131.107.50.66 to 131.107.50.91.
There are 25 computers. The server IP and the two router IP are out of DHCP scope that mean
static IP configuration is required.
Incorrect Answers :
B: If we change the mask to 255.255.255.224. let us just 30 host per subnet
C: IP is not in the correct range
D: If we change the mask to 255.255.255.224. let us just 30 host per subnet
E: There is no need to change default gateway. Routing in correctly enabled

22.QUESTION NO: 22

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com that contains two domain controllers. Each domain
controller runs Microsoft Windows Server 2003 and is configured as a DNS server. Each
DNS server is configured with root hints for resolving Internet host names.
The Exchange organization contains two servers that run Exchange Server 2003. One
Exchange server is configured with two network adapters and two SMTP virtual servers.
One SMTP virtual server is configured for internal e-mail, and the other is the bridgehead
server for an SMTP connector that delivers all Internet e-mail messages. The Internet
SMTP virtual server is configured to use a DNS server at an ISP as an external DNS
server.
The firewall configuration for TestKing is modified to permit only domain controllers to
make DNS queries to the Internet. Users report that they can no longer send e-mail
messages to recipients on the Internet. However, they can receive e-mail messages from the
Internet.
You need to ensure that users can use the Internet to send and receive e-mail messages.
What should you do?

A. Reconfigure the network adapater used by the Internet SMTP virtual server to use the
DNS server at the ISP.
B. Reconfigure the Internet SMTP virtual server to not use an external DNS server.
C. Configure the Internet SMTP virtual server to use a smart host to deliver e-mail
messages.
Use the fully qualified domain name (FQDN) of an SMTP server managed by the ISP as
the smart host.
D. Configure the SMTP connector to use a smart host to deliver e-mail messages.
Use the fully qualified domain name (FQDN) of an SMTP server managed by the ISP as
the smart host.

Answer: B

Explanation :
They already have Internet SMTP virtual server configured to use a DNS server at an ISP as an
external DNS server. The problem is this case is DNS queries Each DNS server is configured
with root hints for resolving Internet host names also the firewall configuration is modified
to permit only domain controllers to make DNS queries to the Internet. Because in the ISP
DNS they have a MX for the company domain, they can receive mail from Internet. But in order
to go out smtp connector for the domain must be able to resolve or forward DNS queries to
external domain or in this case to forward DNS resolution to ISP
Exchange 2000 and Exchange 2003 work differently than Exchange Server 5.5. SMTP is an addon
to Exchange Server 5.5 through Internet Mail Service. SMTP is native to Exchange 2000 and
Exchange 2003. Everything is SMTP-based. The default SMTP virtual server (by itself) can
handle all Internet traffic (inbound and outbound).
Typically, the main reason for an SMTP connector is to send mail a certain way to a certain
domain (for example, to forward messages to a specific smarthost for that domain only or to send
HELO instead of EHLO).
To configure the SMTP connector:
1. Start Exchange System Manager.
2. Expand the Administrative Groups container. To do so, click the plus sign (+) to the left
of the container.
3. Click the administrative group that you want to work with, and then expand it.
4. Expand the Routing Groups container.
5. Click the routing group that you want to work with, and then expand it.
6. Click the Connectors container. Right-click the Connectors container, and then click
New.
7. Click SMTP Connector.
8. On the General tab, provide an appropriate identifying name for the connector.
9. Choose to use DNS or forward to a smart host (if you are relaying through an
Internet service provider send-mail server).
10. Under Local Bridgeheads, click Add. Add the server that becomes the bridgehead server
for the routing group. Designate an SMTP virtual server as a bridgehead server for the
SMTP connector.
11. Click the Address Space tab. Under Connector Scope, click either Entire Organization
or Routing Group. As in earlier versions of Exchange Server, when you configure the
Internet Mail Service, click Add, click SMTP, and then click OK. Accept the default (*)
unless you require outbound e-mail domain restriction, and leave the cost as 1.
12. If you have chosen forward all mail to a smart host, click the Advanced tab. Click the
Outbound Security option, and then select an appropriate authentication method for
your relay host. The default is Anonymous Access.
13. Click OK to exit Outbound Security.
14. Click OK to exit the Advanced tab.
15. Click OK to exit the SMTP connector.
16. Quit the Microsoft Exchange Routing Engine service and the SMTP service for these
changes to take effect.
Addressing
Exchange stores recipient addresses in a directory. Rather than requiring a user to supply the
recipient's address for each message, the user only needs to type the recipient's name, which
Exchange then resolves into a complete address. The user must supply addresses for recipients
who are not in the Address Book. Although users see only the names or the e-mail aliases in the
Address Book, the directory is a database (and a service) that contains additional addressing
information for name resolution and routing purposes.
Addresses have two parts:
? A site address for each Exchange computer. Exchange uniquely identifies sites by using
the c, a, p, and o components of the originator/recipient O/R address space.
? A recipient address for each mailbox.
Site and recipient addresses are stored in the directory. Custom addresses also can be created for
recipients on foreign mail systems. Exchange creates a site address using the organization name
and site name that you provided during setup. Because recipient addresses are created using site
addresses, confirm that you have valid site addresses before you add mailboxes or connectors.
Exchange defines the following address types that can be present in the gateway routing table
(GWART), which the MTA searches when it is routing a message to the appropriate connectors:
EX Denotes a distinguished name on Exchange. This address type is searched only when a
distinguished name for the recipient exists in the directory.
MS Denotes Microsoft Mail for PC Networks.
SMTP Denotes the standard Internet mail protocol Simple Mail Transport Protocol.
X400 Denotes the O/R address, which is used for addressing under the X.400 protocol.
The address types MS and SMTP are created automatically during setup. If you install other
gateways, Exchange also generates other address types.
Reference
Part 10 - Exchange Architecture
How to Configure the SMTP Connector in Exchange 265293
g the way in IT testing and certification tools, www.testking.com

23.QUESTION NO: 23

You are the Exchange administrator for TestKing. The Exchange organization contains 10
servers that run Exchange Server 2003. All users send and receive e-mail messages by
using Microsoft Outlook.
TestKing has many different departments and a total of 10,000 users. For each department,
management asks you to create one address list that contains all users in that department.
Management also asks you to create a confidential address list. The membership of the
confidential address list will consists of several users from every department.
For each department, you create an address list that uses the department attribute.
Now you need to create the confidential address list. You must ensure that members of the
Managers group are the only users who can identify the members of the list by using
Outlook. You must not affect any existing e-mail functionality.
What should you do?

A. Modify the permissions on the user accounts of individuals in the confidential address list
so that only the Managers group has permission to send e-mail messages to these
accounts.
Create a confidential address list that includes the required user accounts.
B. Modify the permissions on the user accounts of the individuals in the confidential address
list so that only the Managers group has permission to view these accounts.
Create a confidential address list that includes the required user accounts.
C. Configure the department attribute as Confidential for the user accounts of individuals in
the confidential address list.
Create an address list that uses the department attribute.
Modify the permissions on the address list so that only the Managers group has
permission to view its membership.
D. Configure a custom attribute as Confidential for the user accounts of individuals in the
confidential address list.
Create an address list that uses the custom attribute.
Modify the permissions on the address list so that only the Managers group has
permission to view its membership.


Answer: D

Explanation:
In order to prevent affecting the current e-mail functionality, the use of a custom attribute is
required. There are 15 custom attributes available in Exchange 2003 for defining things such as
special memberships. Enabling and grouping based on these attributes will not affect any other
distribution lists.
Incorrect answers:
A: Modifying permissions on individual accounts will change the memberships of the existing
groups. Other users will not be able to send mail to these modified users, and this would disrupt
the existing e-mail functionality.
B: Modifying permissions so only managers will be able to see the accounts will also disrupt the
existing functionality, as anytime a user wants to send to anyone in this group (whether they
want to send to the whole group or not does not matter) they will not be able to see them.
Remember that the purpose of the confidential group is not to hide the members from getting
normal mail, but to hide the fact that these people are in a confidential group.
C: Configuring the Departmental attribute in this way will prevent the users in the group from
receiving normal departmental mail. This will disrupt the normal e-mail functionality. In
addition, the users will not be seen by their own departments.
Reference :
Exchange 2003 Admin HELP


24.QUESTION NO: 24

You are the Exchange administrator for TestKing. The network consists of a single Active
Directory domain testking.com. A single Exchange organization contains servers that run
Exchange Server 2003. The domain contains 500 Contact objects that represent company
customers. The Contact objects are used by all users and updated infrequently. The
domain also contains mailbox-enabled users.
TestKing acquires another company Acme. The other company?s network consists of a
single Active Directory domain acme.com. A single Exchange organization contains servers
that run Exchange Server 2003. The other company?s domain contains 200 Contact objects
that represent company customers and are updated frequently.
Microsoft Outlook is the only e-mail client in use in both companies.
Written security polices state that users in one domain must no have any security
permissions in the other domain, including the permission to read Active Directory
information.
You need to enable users in both companies to send e-mail messages to the Contact objects
from both domains.
What should you do?

A. Configure a two-way trust relationship between the domains.
Configure SID filtering so that SIDs in one domain cannot be used in the other domain.
B. Use Active Directory Users and Computers to export the Contact objects from each
domain. Then use an import utility to import the objects into the other domain.
C. Configure Outlook in each domain to make LDAP queries against the other company?s
domain.
D. Configure DNS in each domain to use DNS server in the other domain as a forwarder.

Answer: B

Explanation :
Domain and Forest Partitioning
Because of the tight integration between Exchange and Active Directory, the Active Directory
forest structure directly affects your Exchange planning. There is a one-to-one relationship
between an Active Directory forest and an Exchange organization. An Exchange organization
can span only a single Active Directory forest. Likewise, an Active Directory forest can host
only a single Exchange organization. Understanding your current forest structure and the
reasoning behind those design decisions can help you to decide whether to use an existing forest
to host Exchange or whether to create a new forest to host Exchange.
Although the recommended design for Active Directory consists of a single Active Directory
forest for the entire organization. Your organization may contain multiple forests that represent
separate business units. One reason this design may be necessary is if your organization needs
strict security boundaries between the directories for each business unit.
In a multiple forest scenario, you need to determine which forest is to host Exchange. To reduce
the administrative burden, you also need to implement a provisioning method so that changes
made in one forest are propagated to the other forests, for example, by using Microsoft Identity
Integration Manager (MIIS). Another option is to create a separate forest dedicated to running
Exchange. By default you can not access from one Exchange Organization GAL (Global
Address Book), to another Exchange Organization GAL (Global Address Book), including if
they have a trust relation between forests
You will need to use some as Microsoft Identity Integration Server to sync both directories.
So the only way that they can take is to import export the contacts
References
Planning an Exchange Server 2003 http://www.microsoft.com/exchange/library
Messaging System
Exchange 2000 Server Resource KIT
Chapter 5 - Active Directory Integration and Replication

25.QUESTION NO: 25

You are the Exchange administrator for TestKing. The network consist of a single Active
Directory domain named testking.com. Exchange Server 2003 is used as the companywide
messaging system. The Exchange organization includes two mailbox servers. The perimeter
network contains one front-end server named madrid1.testking.com, which hosts Microsoft
Outlook Web Access. The relevant portion of the network is configured as shown in the
exhibit.
The external firewall is configured to allow limited access to the servers on the perimeter
network and the internal network. Internet users access all servers behind the external
firewall by using the IP address of the firewall?s external interface. The internal firewall is
configured to allow limited access to the servers on the internal network by using the actual
IP address of each internal servers.
Users report that they cannot access madrid1.testking.com from the internal network or
the Internet.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two)

A. On the perimeter DNS server, configure a new host (A) resource record that maps
madrid1.testking.com to the IP address of the external interface of the external firewall.
B. On the perimeter DNS server, configure a new host (A) resource record that maps
madrid1.testking.com to the actual IP address of the server.
C. On the internal DNS server, configure a new host (A) resource record that maps
madrid1.testking.com to the IP address of the external interface of the external firewall.
D. On the internal DNS server, configure a new host (A) resource record that maps
madrid1.testking.com to the actual IP address of the server.

Answer: A, D

Explanation:
They have OWA in the perimeter zone known as DMZ, they have two cards one card is
connected to internal network, and the other card is the external IP address that is accessed from
Internet.
If we would like to provide access to the OWA in the perimeter we need to provide DNS
resolution for their IP in the internal LAN, to do that we just need to add their internal IP LAN to
our internal DNS
If we would like to provide external access from internet we need to provide DNS resolution
form our external DNS to the external IP address of OWA server
Securing Exchange with ISA Server 2000
As a best practice alternative to locating your front-end Exchange 2003 servers in the perimeter
network, deploy ISA Server. ISA Server acts as an advanced firewall that helps control Internet
traffic entering your network. When you use this configuration, you locate all your
Exchange 2003 servers within your corporate network, and use ISA Server as the advanced
firewall server exposed to Internet traffic in your perimeter network.
All inbound Internet traffic bound to your Exchange servers, such as Outlook Web Access, RPC
over HTTP communication from Outlook 2003 clients, Outlook Mobile Access, POP3, IMAP4,
and so on are processed by your ISA Server. When ISA Server receives a request to an Exchange
server, ISA Server proxies the requests to the appropriate Exchange servers on your internal
network. The internal Exchange servers return the requested data to the ISA Server, and then
ISA Server sends the information to the client through the Internet. Figure 4.1 shows an example
of a recommended ISA deployment.
References
Planning an Exchange Server 2003 http://www.microsoft.com/exchange/library


26.QUESTION NO: 26

You are the Exchange administrator for TestKing. The Exchange organization contains a
single Exchange Server 2003 computer.
Users at TestKing frequently exchange e-mail with another company. A new security
agreement between the two companies specifies that all e-mail containing proprietary
information must be encrypted when it is transmitted across the Internet. The other
company does not have a public key infrastructure. The other company?s management
refuses to use a commercial certification authority (CA) to obtain certificates for its users.
However, they are willing to purchase a small number of certificates for their servers.
You need to ensure that e-mail transmitted across the Internet complies with the new
security agreement.
What should you do?

A. Obtain digital certificates for each user in TestKing.
Instruct each user to send digitally signed messages to all users at the other company.
B. Configure your Exchange server to use Transport Layer Security (TLS) when it connects
to the mail server at the other company.
Instruct the e-mail administrator at the other company to configure its mail server in the
same way.
C. Configure your Exchange server to use IPSec to encrypt all outgoing SMTP traffic.
D. Configure the Exchange HTTP virtual server to require SSL connections.


Answer: A

Explanation :
They can avoid using commercial PKI infrastructure using TLS
Incorrect Answers :
A: other company?s management refuses to use a commercial certification authority
C: IPSEC encrypt but they need to use certificates or preshared key and encrypt the
communication not the mail
D: They do not tell us that they are using OWA to communicate
Use TLS Encryption
You can require that all clients use Transport Layer Security (TLS) encryption, a generic
security protocol similar to Secure Sockets Layer (SSL), to connect to an SMTP virtual server.
This option secures the connection, but it is not used for authentication.
To enable TLS encryption on a virtual server, you must create key pairs and configure key
certificates on the Exchange server running the SMTP Service. This can be done through IIS.
Clients can then use TLS to encrypt the session with Exchange, and thus all messages sent.
Exchange can also use TLS to encrypt sessions with remote servers.
Note If your virtual server is on the Internet, requiring TLS encryption on inbound connections
is not recommended. Very few of these connections will support TLS and users will not be able
to connect to your server. In most cases, it makes more sense to encrypt your mail messages
instead of the SMTP channel. TLS is intended for a point-to-point SMTP connection between
partner organizations, for example, where both parties know the other supports TLS.
Require TLS Encryption
Once you've enabled TLS encryption on your virtual server, you must require it in all client and
server connections.
To require TLS encryption:
1. Start System Manager: On the Start menu, point to Programs, point to Microsoft
Exchange, and then click System Manager.
You can manually start the application by following these instructions: On the Start menu, point
to Programs, point to Microsoft Exchange, and then click System Manager.
2. Navigate to the SMTP virtual server.
1. Servers
2. Server
3. Protocols
4. SMTP
5. SMTP virtual server
3. Right-click the SMTP virtual server, and then click Properties.
4. On the Access tab, under Access control, click Authentication.
5. In Authentication, select Basic authentication.
6. Select the Require TLS encryption check box.
7. In Default domain, type the Windows domain which, by default, will be used to
authenticate users.
Note Users outside the default domain will also be able to authenticate, provided an Active
Directory trust relationship exists between their domain and the default domain. Users outside
the default domain will have to specify the domain authorized to validate their credentials.
8. To return to the Access tab, click OK.
9. Under Secure communication, click Communication.
10. In Security, select the Require secure channel check box.
Reference
Exchange 2003 Server Help

27.QUESTION NO: 27

You are the Exchange administrator for TestKing. The network consists of a single
network subnet connected to the Internet by means of a firewall. The network contains two
Exchange Server 2003 computers named TestKing1 and TestKing2. TestKing1 contains all
user mailboxes. TestKing2 is configured as a front-end server and hosts Microsoft Outlook
Web Access. The firewall is configured to allow incoming HTTPS traffic to each
TestKing2.
The network is reconfigured to include a perimeter network. The perimeter network is
connected to the internal network by means of a new firewall. TestKing1 remains on the
internal network, and TestKing2 is relocated to the new perimeter network.
Internet users now report that Outlook Web Access in inaccessible. You confirm that all
services on TestKing2 start normally and that internal users can access their mail by using
Microsoft Outlook to connect to TestKing1.
You need to ensure that Internet users can access Outlook Web Access over an encrypted
connection.
What should you do?

A. Configure the internal firewall to allow HTTP traffic to pass from TestKing2 to
TestKing1.
B. Configure the external firewall to allow HTTP traffic to pass from the Internet to
TestKing2.
C. Configure the internal firewall to pass LDAP queries from TestKing2 to a domain
controller on the internal network.
D. Configure the external firewall to allow RPC traffic to pass from the Internet to
TestKing2.


Answer: A

Explanation :
They tell us that you need to ensure that Internet users can access Outlook Web Access over an
encrypted connection that discards answer A and B because firewall is configured to allow incoming
HTTPS traffic toachTestKing2. Also if we just open LDAP queries we still needing more ports to open
between firewall, for this reason the only answer valid is D
HTTP communication between the front-end and back-end servers is not encrypted. In cases when the
front-end and back-end servers are maintained in a separate subnet, this is not a concern. However, if
front-end and back-end servers are kept in separate subnets and network traffic must pass over
unsecured areas of the corporation, Microsoft recommends that this traffic be encrypted to protect
passwords and data
The MicrosoftR remote procedure call (RPC) over Hypertext Transfer Protocol (HTTP) implementation
(RPC/HTTP) allows RPC clients to more securely and efficiently connect across the Internet to RPC
server programs and execute remote procedure calls.
? Option 1 (recommended) Deploy an advanced firewall server such as Internet Security and Acceleration (ISA) Server
in the perimeter network, and position your RPC Proxy server within the corporate network.
? Option 2 Position the Exchange 2003 front-end server acting as an RPC Proxy server in the perimeter network.
Because they do not tell us that they are using an ISA firewall we must assume that they are using RCP
over http or classic approach
The classic approach require following ports
Front-End Server(s) in a Perimeter Network
RPC over HTTP System Requirements
To use RPC over HTTP, you must run Windows Server 2003 on the following computers:
Source Destination Service Protocol and port
Internet/External Perimeter Network HTTP TCP 80
HTTPS TCP 443
IMAP4 TCP 143
IMAP4TLS TCP 993
Perimeter Network Internal/Private Network DNS TCP, UDP 53
HTTP TCP 80
RPC EP Mapper TCP 135
KERBEROS TCP UDP 88
LDAP TCP 389
NETLOGON TCP 445
DSAccess (GC) TCP 3268
TCP High Ports TCP 1024+
? All Exchange 2003 servers that will be accessed with Outlook 2003 clients using RPC over
HTTP.
? The Exchange 2003 front-end server acting as the RPC Proxy server.
? The global catalog server used by Outlook 2003 clients and the Exchange 2003 servers
configured to use RPC over HTTP.
Exchange 2003 must be installed on all Exchange servers that are used by the computer designated as
the RPC Proxy server. Additionally, all client computers running Outlook 2003 must also be running
Microsoft Windows XP Service Pack 1 (SP1) or later with the "Windows XP Patch: RPC Updates Needed
for Exchange Server 2003 Beta" (http://go.microsoft.com/fwlink/?LinkId=16687) update installed.
Table 8.2 Default required ports for RPC over HTTP
Server Ports (services)
Exchange back-end servers 593 (end point mapper)
6001 (Store)
6002 (DS referral)
6004 (DS proxy)
Global catalog server 593 and 6004
Securing the Exchange Messaging Environment
As a best practice alternative to locating your front-end Exchange 2003 servers in the perimeter network,
deploy Microsoft Internet Security and Acceleration (ISA) Server 2000. ISA Server act as advanced
firewalls that control Internet traffic entering your network. When you use this configuration, you put all of
your Exchange 2003 servers within your corporate network, and use ISA Server as the advanced firewall
server exposed to Internet traffic in your perimeter network.
All inbound Internet traffic bound to your Exchange servers (such as Microsoft Office Outlook Web
Access, RPC over HTTP communication from Outlook 2003 clients, Outlook Mobile Access, Post Office
Protocol version 3 (POP3), Internet Message Access Protocol version 4rev1 (IMAP4), and so on) is
processed by the ISA Server. When ISA Server receives a request to an Exchange server, ISA Server
proxies the requests to the appropriate Exchange servers on your internal network. The internal
Exchange servers return the requested data to the ISA Server, and then ISA Server sends the
information to the client through the Internet. Figure 8.1 shows an example of a recommended ISA Server
deployment.
Figure 8.1 Deploying Exchange 2003 behind ISA Server
Securing Communications Between the Client and Exchange Front-End Server
To secure data transmitted between the client and the front-end server, it is highly recommended that you
enable the front-end server to use Secure Sockets Layer (SSL). In addition, to ensure that user data is
always secure, you should disable access to the front-end server without SSL (this option can be set in
the SSL configuration). When using basic authentication, it is critical to protect the network traffic by using
SSL to protect user passwords from network packet sniffing.
Warning
If you do not use SSL between clients and the front-end server, HTTP data transmission to your front-end
server will not be secure. It is highly recommended that you configure the front-end server to require SSL.
It is recommended that you obtain an SSL certificate by purchasing a certificate from a third-party
certification authority (CA). Purchasing a certificate from a certification authority is the preferred method
because the majority of browsers trust many of these certification authorities.
As an alternative, you can use Certificate Services to install your own certification authorities. Although
installing your own certification authority may be less expensive, browsers will not trust your certificate,
and users will receive a warning message indicating that the certificate is not trusted. For more
information about SSL, see Microsoft Knowledge Base article 320291, "XCCC: Turning On SSL for
Exchange 2000 Server Outlook Web Access"
Securing Communications Between Exchange Front-End Server and Other Servers
After you secure your communications between the client computers and the Exchange front-end servers,
you must secure the communications between the Exchange front-end server and back-end servers in
your organization. HTTP, POP, and IMAP communications between the front-end server and any server
with which the front-end server communicates (such as back-end servers, domain controllers, and global
catalog servers) is not encrypted. When the front-end and back-end servers are in a trusted physical or
switched network, this lack of encryption is not a concern. However, if front-end and back-end servers are
kept in separate subnets, network traffic may pass over unsecured areas of the network. The security risk
increases when there is greater physical distance between the front-end and back-end servers. In this
case, it is recommended that this traffic be encrypted to protect passwords and data.
Using IPSec to Encrypt IP Traffic
Windows 2000 supports Internet Protocol security (IPSec), which is an Internet standard that allows a
server to encrypt any IP traffic, except traffic that uses broadcast or multicast IP addresses. Generally,
you use IPSec to encrypt HTTP traffic; however, you can also use IPSec to encrypt Lightweight Directory
Access Protocol (LDAP), RPC, POP, and IMAP traffic. With IPSec you can:
Configure two servers running Windows 2000 to require trusted network access.
Transfer data that is protected from modification (using a cryptographic checksum on every packet).
Encrypt any traffic between the two servers at the IP layer.
In a front-end and back-end topology, you can use IPSec to encrypt traffic between the front-end and
back-end servers that would otherwise not be encrypted. For more information about configuring IPSec
with firewalls, see Microsoft Knowledge Base article 233256, "How to Enable IPSec Traffic Through a
Firewall
Reference
Exchange 2003 Deployment guide
Planning Outlook Web Access Servers
Exchange 2003 RPC over HTTP Deployment Scenarios
Exchange Server 2003 Message Security Guide
Using ISA Server with Exchange 2003


28.QUESTION NO: 28

You are the Exchange administrator for TestKing. The network serves two offices named
West and East. Each office contains an Exchange Server 2003 computer.
Each office has an Exchange routing group. The Exchange server in the West routing
group is named TestKing1. The Exchange server in the East routing group is named
TestKing2. The Exchange topology is shown in the following diagram.
A financial application that runs on a server in the West office generates a 15-MB
automated report every morning at 8:00 A.M. The report is automatically sent from a
mailbox on TestKing1 to a mailbox on TestKing2. Because the report is not needed until
the next day, it is sent with low priority.
While the message that contains the automated report is being sent, the delivery of other
messages between the West and East offices is delayed. Other users are allowed to send
only messages that are smaller than 2,000 KB.
You need to ensure that the sending of the automated report does not delay the delivery of
any other messages between the West and East offices.
Which two actions should you perform? (Each correct answer presents part of the solution.
Choose two)

A. Configure the West-East routing group connector to deliver messages throughout the day.
B. Configure the West-East routing group connector to allow only Normal and High priority
messages.
C. Configure the West-East routing group connector to use an allowed maximum message
size of 2,000 KB.
D. Configure the West-East routing group connector to use a custom schedule that allows
message delivery only after 6.00 P.M.
E. Configure the West-East routing group connector to use a custom schedule that allows
message delivery only after 6:00 P.M. for messages larger than 15,000 KB.


Answer: C, E

Explanation :
Because users are allowed to send only messages that are smaller than 2,000 KB you can
not choose A as valid answer because Configure the West-East routing group connector to
deliver messages throughout the day this will permit will permit messages to exceed 2,000 KB
limits we need choose C to limit users over 2,000 Kb quota
Also you need to ensure that the sending of the automated report does not delay the
delivery of any other messages between the West and East offices you do not need to send
the report until the next day, you will need to send it with low priority.
They tell us
A financial application that runs on a server in the West office generates a 15-MB
automated report every morning at 8:00 A.M.
You will nee to configure the routing group for To specify delivery times based on message size,
select Use different delivery times for oversize messages. In Oversize messages are greater
than (KB), type the size, in kilobytes, of messages you want to designate as oversized. Under
Connection time, specify times when oversize messages are sent, as described in the previous
step. In this case the limit will be 15-MB
Configure Routing Group Connector Delivery Options
On a Routing Group connector's Delivery Options tab, you can specify when messages are sent
through the connector and define a separate delivery schedule for large messages.
To configure Routing Group connector delivery options:
1. Start System Manager: On the Start menu, point to Programs, point to Microsoft
Exchange, and then click System Manager.
You can manually start the application by following these instructions: On the Start menu, point
to Programs, point to Microsoft Exchange, and then click System Manager.
2. Navigate to Connectors.
If you do not have routing groups defined:
System Manager
1. Administrative Groups
2.
3. Connectors
If you do have routing groups defined:
System Manager
4. Administrative Groups
5.
6. Routing Groups
7.
8. Connectors
3. Right-click a routing group connector, click Properties, and then click the Delivery
Options tab.
4. To specify times when messages are sent through the connector, under Connection
Time, select one of the standard values in the drop-down list. The default is Always run.
- OR -
Click Customize and select the appropriate connection times on the timetable grid. To change
the level of detail on the grid, in Detail view, select 1 hour or 15 Minutes.
5. To specify delivery times based on message size, select Use different delivery times for
oversize messages. In Oversize messages are greater than (KB), type the size, in
kilobytes, of messages you want to designate as oversized. Under Connection time,
specify times when oversize messages are sent, as described in the previous step.
Configuring Message Routing
Microsoft Exchange 2003 Server is designed to serve companies of all sizes. Smaller companies
can meet all of their messaging and collaboration needs using a single computer running
Exchange. Larger companies may require more complex configurations, with connections
between multiple computers running Exchange or between Exchange and other messaging
systems.
An Exchange mail system, or organization, consists of one or more computers, or servers, on
which Exchange is installed. In all but the smallest Exchange installations, you will likely need
to configure multiple computers running Exchange to work together. Within some groups of
computers, servers are connected by reliable, permanent connections. Groups of servers linked
together in this way are called a routing group. Between routing groups, connections may be
unreliable or slower.
Routing group configuration becomes necessary only when you need to connect two or more
routing groups or when you install connectors to foreign messaging systems in your Exchange
installation. Communication between routing groups is handled by Exchange Routing Group
connectors.
After you determine the topology for your messaging system, the topics in this section provide
the background information you need to connect computers running Exchange and to understand
how messages are routed from one computer to another.
Reference
Exchange server 2003 Admin Help


29.QUESTION NO: 29

You are the Exchange administrator for TestKing. The company intranet is protected by a
firewall. The Exchange organization includes a server named TestKingSrvA, which runs
Exchange Server 2003. TestKingSrvA contains only public folders. It does not contain user
mailboxes.
Currently, your customers send comments in e-mail messages to an alias named
Comments. These e-mail messages are received by the customer service manager.
Management decides to collect customer comments in one location so they can be easily
viewed by all users. You remove the Comments e-mail SMTP address from the mailbox of
the customer service manager. You use Exchange System Manager to create a new public
folder named Comments and TestKingSrvA. Then you send a test e-mail message to the
Comments e-mail address. You receive a non-delivery report (NDR).
You need to ensure that customers will be able to send comments to the Comments alias,
and that the comments will be saved in the new Comments folder.
What should you do?

A. Modify the configuration of the Comments folder so that it is mail-enabled.
B. Modify the configuration of the firewall to allow SMTP traffic to pass from the Internet
to TestKingSrvA.
C. On your DNS server, create a mail exchanger (MX) resource record that has a priority of
10 and that points to the host (A) resource record for TestKingSrvA.
D. In Active Directory, create a new Contact object named Comments.