You are a network administrator for a company named Contoso, Ltd.
You install the Active Directory Rights Management Services server role on a server. The Active Directory
Rights Management Services (AD RMS) server uses an internal certification authority (CA) for all certificates.
You plan to provide users with the ability to use AD RMS to protect all of the email messages sent to a partner
company named A. Datum Corporation.
ADatum does not have AD RMS deployed.
You need to identify which components from the Contoso network must be accessible to A. Datum to ensure
that the users at A. Datum can open protected messages.
Which two components should you identify? (Each correct answer presents part of the solution. Choose two.)
A.
The Active Directory domain controllers
Get-ManagementRoleEntry and Get-RoleAssignmentPolicy
B.
The Client Access servers
Get-Rolegroup and Get-ManagementRoleAssignment
C.
The certificate revocation list (CRL)
The certificate used to secure the message will need to be checked against a certificate revocation list
(CRL).
QUESTION 65
You have an Exchange Server organization. The organization contains servers that have either Exchange
Server 2010 or Exchange Server 2013 installed.
You hire a junior administrator named Admin5. Admin5 is a member of the Recipient Management
management role group.
You discover that Admin5 created two new mailbox-enabled users by using the New-Mailbox command.
You need to identify which management role provides Admin5 with the permissions to create new mailboxenabled users.
Which cmdlets should you run?
Get-ManagementRoleEntry and Get-ManagementRoleAssignment
D.
The Mailbox servers
Get-RolegroupMember and Get-ManagementRoleAssignment
E.
The AD RMS cluster
C.
The certificate revocation list (CRL)
The certificate used to secure the message will need to be checked against a certificate revocation list
(CRL).
QUESTION 65
You have an Exchange Server organization. The organization contains servers that have either Exchange
Server 2010 or Exchange Server 2013 installed.
You hire a junior administrator named Admin5. Admin5 is a member of the Recipient Management
management role group.
You discover that Admin5 created two new mailbox-enabled users by using the New-Mailbox command.
You need to identify which management role provides Admin5 with the permissions to create new mailboxenabled users.
Which cmdlets should you run?
Get-ManagementRoleEntry and Get-ManagementRoleAssignment
A.
The Active Directory domain controllers
Get-ManagementRoleEntry and Get-RoleAssignmentPolicy
B.
The Client Access servers
Get-Rolegroup and Get-ManagementRoleAssignment
C.
The certificate revocation list (CRL)
The certificate used to secure the message will need to be checked against a certificate revocation list
(CRL).
QUESTION 65
You have an Exchange Server organization. The organization contains servers that have either Exchange
Server 2010 or Exchange Server 2013 installed.
You hire a junior administrator named Admin5. Admin5 is a member of the Recipient Management
management role group.
You discover that Admin5 created two new mailbox-enabled users by using the New-Mailbox command.
You need to identify which management role provides Admin5 with the permissions to create new mailboxenabled users.
Which cmdlets should you run?
Get-ManagementRoleEntry and Get-ManagementRoleAssignment
D.
The Mailbox servers
Get-RolegroupMember and Get-ManagementRoleAssignment
Explanation:
A: The users in Adatum will need an account on a domain controller in Contoso to open a protected message.* Use the Get-ManagementRoleEntry cmdlet to retrieve management role entries that have been configured on
management roles.* Use the Get-ManagementRoleAssignment cmdlet to retrieve management role assignments.