You have an Exchange Server organization that contains three servers that have Exchange Server 2013
installed and one server that has Exchange Server 2010 installed.
You create the custom RBAC roles shown in the following table.

The Seattle help desk manages all of the users in an organizational unit (OU) named Seattle. The Miami help
desk manages all of the users in an OU named Miami. The IT Administrators manage all of the users in the
forest.
You need to recommend which commands must be run to prevent only the members of both help desks from
modifying the properties of users who have a department attribute value of Manager.
Which three commands should you run? (Each correct answer presents part of the solution. Choose three.)

A.
new-managementscope “executive users exclusive scope” -recipientrestrictionfilter { department -eq
“manager” } -exclusive force

B.
new-managementroleassignment -name “managers” -securitygroup “managers” -role “mail recipients” –
exclusiverecipientwritescope “executive users exclusive scope”

C.
new-roleassignmentpolicy -name “limited end user policy” -roles “mypersonalinformation”.

D.
new-rolegroup -name “managers” -roles “mail recipients” -members admins

E.
new-rolegroup -name “help desk” -roles “mail recipients” -members admins

Explanation:
Note:
* (A) Use the New-ManagementScope cmdlet to create a regular or exclusive management scope.
After you create a regular or exclusive scope, you need to associate the scope with a management role
assignment. To associate a scope with a role assignment, use the New-ManagementRoleAssignment cmdlet.
* (B) Use the New-ManagementRoleAssignment cmdlet to assign a management role to a management role
group, management role assignment policy, user, or universal security group (USG).