You deploy Office 365
.
All the members of a team named Sales have full access to a shared mailbox named Sales.
You enable auditing for all shared mailboxes.
From the Sales mailbox, an email message that contains inappropriate content is sent.
You need to identify which use
r sent the message.
What should you do?
A. From the Exchange Control Panel, run an administrator role group report.
B. From Windows PowerShell, run the
Get-SharingPolicy
cmdlet.
C. From Windows PowerShell, run the
Write-AdminAuditLog
cmdlet.
D. From
Windows PowerShell, run the
New-MailboxAuditLogSearch
cmdlet.
Explanation:
By process of elimination:
The Write-AdminAuditLog cmdlet will write a comment to the administrator audit log.
The Get-SharingPolicy cmdlet allows you to view the setting
s of sharing policies
The administrator role group report in EOP will list changes to the management role groups within a particular time frame.
The New-MailboxAuditLogSearch cmdlet performs an async search of mailbox audit logs for the specified mailboxes
and sends the search results by email to the specified recipients.
References: https://technet.microsoft.com/en-us/library/ff522362%28v=exchg.150%29.aspx