###BeginCaseStudy###
Topic 1, Fabrikam inc.
Overview
Fabrikam. Inc. is an international manufacturing company that has 5,000 employees. The company has sales,
marketing research and human resources departments. Fabrikam has two main offices and three branch
offices. The main offices are located in New York and London. The branch offices are located in Seattle,
Montreal, and Paris. The offices connect to each other by using a WAN link. Each office connects directly to the
Internet. The WAN connections from the main offices to the branch offices are reliable.
Existing Environment
Exchange Environment
The Exchange Server organization contains servers that have either Exchange Server 2010 or Exchange Server
2013 installed. Each main office contains two Exchange Server 2013 servers. Each branch office contains one
Exchange Server 2010 server.
MX records are configured to deliver email to the offices in New York and London. Email is delivered to the
London office only if the New York office is unavailable.
Each office is configured to use a separate namespace for client access. The New York office is configured to
use a namespace of mail.fabrikam.com.
The servers in the New York and London offices are members of a database availability group (DAG).
Each mailbox database in the New York and London offices has three copies.
The technical support staff in the branch offices have administrative access to the existing Exchange servers
and are assigned Organization Management permissions.
Users from the sales department frequently send email messages that contain the Social Security number of
customers in the United States.
Problem Statements
Fabrikam identifies the following issues on the network:
Users in the Paris office report that when launching Microsoft Outlook, they receive a security alert
indicating a certificate name mismatch. The security alert is not generated when they connect to Outlook
Web Access. Users from the other offices do not report receiving the security alert.
Network administrators report that the mailbox databases in the New York office sometimes activate on
the Exchange servers in the London office, resulting in poor performance for the New York office users.
Planned Changes
Fabrikam plans to implement the following changes to the network:
Upgrade the organization to Exchange Server 2016 during the next six months.
Enable online document viewing and editing from Outlook on the web.
High Availability Requirements
Fabrikam identifies the following high-availability requirements for the planned deployment:
Mailbox databases that contain mailboxes for the New York office users must only be activated on the
servers in the London office manually.
All client access connections to the London and New York offices must use load-balanced namespaces.
The load balancing mechanism must perform health checks.
Security and compliance requirements
Fabrikam identifies the following security and compliance requirements:
After the planned upgrade, the maximum mailbox size must be 5 GB.
Administrators from the branch offices must be able to view the mailbox properties and reset the
passwords of the users, but must be prevented from changing the mailbox database configurations.
Users who are involved in legal disputes with customers must be prevented from permanently deleting
email messages pertaining to the dispute. The users must be able to delete all other messages
permanently.
If a user enters a Social Security number in an email message addressed to an external recipient, the user
must receive a notification before sending the message If the user sends the message. The message must
not be delivered. A compliance officer must be notified of the violation.
Connectivity requirements
Fabrikam identifies the following connectivity requirements:
Connections for inbound and outbound email must be initiated and terminated from an Edge Transport
server in the perimeter network.
All external client connections from the branch office users must be proxied from the New York office to
the branch offices.
The number of namespaces used for client access must be minimized.
###EndCaseStudy###
HOTSPOT
You need to configure a data loss prevention (DLP) policy to meet the compliance and security requirements.
How should you configure the policy rule? To answer, select the appropriate options in the answer
area.
Answer: 
If a user enters a Social Security number in an email message addressed to an external recipient, the user must receive a notification before sending the message if the user sends the message. The message must not be delivered. A compliance officer must be notified of the violation.
Do the following:
Notify the sender by using a policy tip and block the message.
https://technet.microsoft.com/en-us/library/jj619307(v=exchg.150).aspx
Because you need to choose “notify the sender by …”, the other answer should be given in the first respond rule. A compliance officer must be notified of the violation.
Answer: Generate an incident report and send the report to (email address).
0
0
I agree with you Marco
0
0
I agree too, but the wrong answer is posted all over the internet.
0
0
I agree Marco too.
0
0
Thanks Marco
I doubted a bit but after reading the options again it is indeed
-generate incident report and send…
-notify the sender (cause it needs to be a mailtip before user sends)
0
0
Yes Agreed with Marco. Policy tip with an incident report will serve the purpose.
0
0
What’s more, part of the new 104Q 70-345 dumps for your reference:
https://drive.google.com/open?id=0B-ob6L_QjGLpck5vRk5XUVFQb00
Best Regards!
0
0
First, you’ll want to configure the DLP scope – in our case, we want to process emails that are sent to external recipients and contain sensitive information.
Then, we want to generate an incident report and send it to an email address for review, this report will include the original email as an attachment.
After the incident report was generated, we want to display a policy tip to the user, something like “This message contains sensitive information that the recipient is not allowed to receive.”
If the user decides to send it anyway, we want to block it. Therefore the last option is “Display a policy tip and block the message”.
As a side note, I believe this option makes the send button unavailable, so the user will only see the policy tip and will not be able to send the email at all. I remember reading something about this but did not test it in my lab yet, so I may be wrong, but the basic idea still stands. The given answer is not correct.
0
0
Agree with All,correct answer as below:
1. The recipient is outside of the organization
2.The message contains sensitive information
3. Generate an incident report and send the report to
4.Notify the sender by a policy tip and block the message.
Have tested in my labs . it works.
if follow provided answer to configure the settings, you will receive the below errors:
An action to reject the message was specified, but there is more than one action. When this action is used, it must be the only action in the rule
2
0