###BeginCaseStudy###
Testlet 1
Topic 4, A.Datum
Background
General Background
You are a SharePoint administrator for A. Datum Corporation. A. Datum is a large legal firm with offices in Chicago, New York, and London. A. Datum is merging
with a smaller legal firm named Fabrikam, Inc.
Technical Background
A)
Datum has an Active Directory Domain Services (AD DS) domain named adatum.com. The domain contains an Active Directory Rights Management Services
(AD RMS) server.
The A. Datum SharePoint environment includes the sites described in the following table.
The A. Datum SharePoint environment contains two servers that run all SharePoint services. The servers run Windows Server 2012 and are members of the
domain. A third-party file-level antivirus application runs on all servers in the domain. The adatum.com farm uses Microsoft SQL Server 2012 for the SharePoint
databases.
A)
Datum is planning a three-tier SharePoint farm to replace the existing farm. A firewall will be placed between each tier. All servers must be virtualized unless
otherwise specified. The following servers are available for the new SharePoint environment:
All user accounts are stored in and maintained by using Active Directory. The My Site portal and document portal SharePoint sites receive user and group
membership information by using Active Directory synchronization. New users often have to wait more than 24 hours before they can view their user profile
information.
Fabrikam has an AD DS domain named fabrikam.com and a single-server SharePoint environment.
Web Applications
A new remote web application named App1 will be hosted in the adatum.com domain. App1 will require access to SharePoint resources in the fabrikam.com
domain. SharePoint administrators in the fabrikam.com domain must be able to administer App1 by using Windows PowerShell.
Technical Requirements
You must meet the following technical requirements:
Fabrikam users must be able to directly access internal SharePoint resources in the adatum.com domain.
A)
Datum users must not be able to access resources in the fabrikam.com domain.
All documents relating to the merger must contain a barcode, and must be protected from distribution.
Authenticated users must not be prompted for credentials when they access App1.
Users in the adatum.com domain must be able to access all SharePoint sites the same day they receive their Active Directory account credentials.
When a user account is deleted, the user’s personal site collection must automatically be removed within 12 hours.
The antivirus application must not scan SharePoint directories.
When migrating the SharePoint environment, you must meet the following requirements:
The application and database servers must not be accessible from the Internet.
The database servers must accept connections only from the SharePoint servers.
The database servers must be physical machines running Windows Server 2012 with direct access to storage.
The database servers must be configured for redundancy.
All database transaction logs must be sent off-site.
All SharePoint installation prerequisites must be installed offline.
###EndCaseStudy###
You need to configure the antivirus application.
Which two actions should you perform? (Each correct answer presents a part of the solution. Choose two.)
A.
Configure scanning to exclude the %Program Files%\\Microsoft SQL Server \\MSSQL10_50.SHAREPOINT\\ folder.
B.
Configure scanning to include the %Program Files%\\Microsoft Office Servers\\15.0\\ folder.
C.
Configure scanning to exclude the %Program Files%\\Microsoft Office Servers\\15.0\\ folder.
D.
Configure scanning to exclude the %Program Files%\\Microsoft Office Servers\\14.0\\ folder.
E.
Configure scanning to include the %Program Files%\\Microsoft Office Servers\\14.0\\ folder.
F.
Configure scanning to exclude the %Program Files%\\Common Files\\Microsoft shared\\Web Server Extensions folder.
Explanation:
Scenario:
The antivirus application must not scan SharePoint directories.
SharePoint presents an interesting challenge to the designers of antivirus software because documents uploaded to a SharePoint instance are not directly stored on
a file system; instead, they are stored within SQL tables as a Binary Large Object (BLOB).
The direct manipulation of SharePoint databases from SQL is not supported; this fact disallows the direct scanning of SharePoint content databases. Instead,
Microsoft provides a SharePoint Virus Scan Engine (VSE) API, which enables third-party software to interact with SharePoint content databases.
Folders that may have to be excluded from antivirus scanning in SharePoint
You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
Drive:\\Program Files\\Common Files\\Microsoft Shared\\Web Server Extensions
If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
Drive:\\Program Files\\Microsoft Office Servers\\15.0\\Data (This folder is used for the indexing process. If the index files are configured to be located in a different
folder, you also have to exclude that location.)
Drive:\\Program Files\\Microsoft Office Servers\\15.0\\Logs
Drive:\\Program Files\\Microsoft Office Servers\\15.0\\Bin
Drive:\\Program Files\\Microsoft Office Servers\\15.0\\Synchronization Service
Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:\\Blobcache).
Note: If you have SharePoint Server 2013, these folders should be excluded in addition to the folders that are listed in the “SharePoint Foundation 2013” section.
https://support.microsoft.com/en-us/kb/952167