Your network contains an Active Directory forest named contoso.com. The forest contains an
enterprise root certification authority (CA) named CA1. The network contains a server named EX1
that has Exchange Server 2013 installed. A partner company named A . Datum Corporation has an
Active Directory domain named adatum.com. The domain contains a server named EX5 that has
Exchange Server 2010 Service Pack 2 (SP2) installed. EX5 has a Receive connector that is configured
for mutual TLS. Users in contoso.com plan to send email messages that contain sensitive data to
users in adatum.com. You need to ensure that all of the email messages sent from contoso.com to
adatum.com are encrypted by using TLS. The solution must ensure that EX1 and EX5 validate server
certificates. Which three actions should you perform? (Each correct answer presents part of the
solution. Choose three.)
A.
Run the set-transportconfig -tlssenddomainsecurelist contoso.com command.
B.
Install a certificate, and then assign the certificate to the IIS service. Send the root certificate for
contoso.com to the administrators in adatum.com.
C.
Run the New-SendConnector cmdlet and specify the domainsecureenabled parameter.
D.
Run the New-SendConnector cmdlet and specify the tlsdomainparameter.
E.
Run the set-transportconfig -tlssenddomainsecurelist adatum.com command.
F.
Install a certificate, and then assign the certificate to the SMTP service. Send the root certificate
for contoso.com to the administrators in adatum.com.
Explanation:
A: Use the Set-TransportConfig cmdlet to modify the transport configuration settings for the whole
Exchange organization.
The TLSSendDomainSecureList parameter specifies the domains from which you want to send
domain secured email by using mutual TLS authentication.
In this scenario we send from EX1 in the contoso.com domain.
D: Need to create a new send connector.
The TlsDomain parameter specifies the domain name that the Send connector uses to verify the
FQDN of the target certificate when establishing a TLS secured connection.
F: A new certificate is needed for the SMTP service.