###BeginCaseStudy###
Topic 3, Contoso Ltd,
Overview General Overview Contoso. Ltd. is an international company that has 3,000 employees.
The company has sales, marketing, research, and human resource departments.
Physical Locations
Contoso has two main offices. The offices are located in New York and Chicago. Each moffice has a data center.
The New York office uses a network subnet of 10.1.0.0/16. The Chicago office uses a mnetwork subnet of
10.128.0.0/16.
The offices connect to each other by using a WAN link. Each office connects directly to the Internet.
Existing Environment
Active Directory The network contains an Active Directory forest named contoso.com. The forest mcontains a
single domain. All domain controllers run Windows Server 2012 R2. The forest mfunctional level is Windows
Server 2012 R2.
The forest contains six domain controllers configured as shown in the following table.
The forest is configured as a single Active Directory site.
Active Directory administrators manage the Active Directory schema. Exchange Server madministrators do not
have access to modify the schema.
Contoso has deployed Active Directory Rights Management Services (AD RMS).
Current Business Model
Contoso partners with a company names Fabrikam. Inc. on manufacturing initiatives. The partnership between
Contoso and Fabrikam requires that both companies share confidentialm information frequently.
Requirements
Business Goals
Contoso plans to install Exchange Server 2016 to provide messaging services for its users.
It must be as easy as possible for the users at Contoso to share free/busy information with mthe users at
Fabrikam.
As much as possible Contoso plans to minimize the costs associated with purchasing hardware and software.
Planned Changes
Contoso plans to implement the following changes before installing Exchange Server 2016:
Install hardware Network Load Balancing (NLB) in the New York and Chicago offices.
Implement Microsoft Office Online Servers in the New York and Chicago offices.
Provide Contoso users with company-approved tablets.
Planned Messaging Infrastructure
You plan to create an Exchange Server 2016 organization named Contoso. You plan to deploy seven servers
that will have Exchange Server 2016 installed. The servers will be configured as mshown in the following table.
All of the servers will be members of a database availability group (DAG) named DAG01.
Client Access Requirements
Contoso identifies the following client access requirements for the planned deployment:
Users must be able to configure their tablet to synchronize email by using Autodiscover.
Users must be able to access the Exchange Server organization by using the following names:
Mail.contoso.com
Autodiscover.contoso.com
Users must be able to access Outlook on the web internally and externally from their tablet.
Users must be able to access Office Online Server by using the URL of office-online.contoso.com.
Security Requirements
Contoso identifies the following security requirements for the planned deployment:
Exchange Server mailbox databases must be encrypted while at rest.
Users must be prevented from using Outlook on the web while they are offline.
Contoso users must be able to share Calendar details with approved external domains only.
Email messages sent to the users in the fabrikam.com SMTP domain must be encrypted automatically.
Whenever possible, client computers must be directed to the same Exchange server for log collection.
Users must be able to access their mailbox by using Exchange ActiveSync on the company approved tablets
only.
Email messages sent from the users in the human resources department of Contoso must be protected by
using AD RMS. regardless of the mail client.
Availability Requirements
Contoso identifies the following high-availability requirements for the planned deployment:
Servers must be able to complete a restart without administrative intervention.
The network load balancer must be able to probe the health of each workload.
If a data center fails, the databases in the other data center must be activated automatically.
Redundant copies of all email messages must exist in the transport pipeline before and after mdelivery.
Email messages must be made highly available by the Exchange Server organization before and after delivery.
If you manually mount the databases following the data center failure, the databases in the failed site must be
prevented from mounting automatically.
###EndCaseStudy###
You have an Exchange Server 2016 organization. The organization contains several servers.
Users in the marketing department often send Information Rights Management (IRM) protected email
messages. The IRM-protected messages are excluded from eDiscovery searches.
You need to configure the Exchange Server Organization to ensure that the contents of the mailboxes of the
marketing department users are searched for all messages that contain the word ProjectX. The solution must
prevent the email messages from being deleted permanently.
You user account is a member of the required role group.
Which three actions should you perform? Each correct answer present part of the solution.
A.
Run the New-Mailbox cmdlet
B.
Run the New-MailboxSearch cmdlet
C.
Run the Set-IRMConfiguration cmdlet
D.
Run the Search-Mailbox cmdlet
E.
Export the results from the discovery mailbox to a personal folders (PST) file, and then use
MicrosoftOutlook to open the PST file.
F.
F. Use Outlook on the web to open the discovery mailbox.
B C E
0
0
C: Set-IRMConfiguration –EdiscoverySuperUserEnabled $true
B: New-MailboxSearch –SourceMailboxes “Marketing” –SearchQuery “ProjectX” –InPlaceHoldEnabled $true
E: Export the results
0
0
Why export results?
0
0
There are three step in eDiscovery search:
-Estimate or preview search results (later in this topic)
-Copy eDiscovery search results to a discovery mailbox
-Export eDiscovery search results to a PST file
https://technet.microsoft.com/en-us/library/dd353189(v=exchg.160).aspx
0
0
Create a Discovery Search
https://technet.microsoft.com/en-us/library/dd353189(v=exchg.141).aspx
0
0
C: set-IRMConfiguration -EdiscoverySuperUserEnabled $true
B: New-MailboxSearch -Name “Search” -SourceMailboxes “Marketing” -SeachQuery “ProjectX” -targetMailbox “whatever” -InPlaceHoldEnabled $true
F: Use Outlook on the Web
F because
“Members of the Discovery Management role group can’t access IRM-protected messages exported from a Discovery mailbox to another mailbox or to a .pst file. IRM-protected messages in a Discovery mailbox can be accessed only by using Outlook Web App.”
https://technet.microsoft.com/en-us/library/gg588319(v=exchg.150).aspx
0
0
I agree with you, that is correct
0
0
Disagree with you. In Exchange 2016 user in Discovery search role can read content of pst file.
https://technet.microsoft.com/en-us/library/dn440164(v=exchg.160)
I tested it in my enviroment. I created new user and add it only to Discovery search group. I perfomed new eDiscovery search and exported results in pst file. Then I run Outlook 2013 and open pst file. No troubles have with it.
Answer is B & C & E!
0
0
+1. Protected content can be viewed by members of the role group “Discovery Management”, as long as the Exchange federation account is a member of RMS Super Users AND eDiscoverySuperUserEnabled is set to true (default setting).
0
0
Just to add to my comment, case study already mentioned the use of AD RMS. Question also mentioned the following:
“You user account is a member of the required role group”. Therefore, I think it’s safe to assume that the Exchange federation account is added to RMS Super Users in AD RMS. Thus, the only thing left to do here is to set eDiscoverySuperUserEnabled to true, which like I mentioned already, it’s the default setting.
0
0
Sam, Have you tried to export IRM protected messages to PST?
I think the Answer should be B,C,F.
As per the below link opening IRM messages in a discovery mailbox is only possible with OWA. Though i don’t find any such reference in Exchange 2016, i would still go with this answer. Because “Use Outlook on the web to open the discovery mailbox” is always possible be it 2013 or 2016. I think they wouldn’t have given the OWA choice if exporting protected mails to PST is possible.
https://technet.microsoft.com/en-us/library/gg588319(v=exchg.150).aspx
0
0
While you might be correct with the IRM-protected messages part (i haven’t found how Exchange 2016 works with it), the correct answer is still C & B & E.
From the question: “The IRM-protected messages are excluded from eDiscovery searches.”
So there are no messages that cant be accessed nonetheless.
0
0
The problem with that is I don’t see a need to run “(c) Run the Set-IRMConfiguration cmdlet”. Unless they want you to exclude IRM messages from being read and its just a typo.
Having read the question many times something is bugging me about it. When I do the exam I will see if this question is on it and report back.
0
0
BCF
0
0
By the way, part of that new 104Q 70-345 dumps for your reference:
https://drive.google.com/open?id=0B-ob6L_QjGLpck5vRk5XUVFQb00
Best Regards!
0
0
i will go with provided answer . Key words as below
The IRM-protected messages are excluded from eDiscovery searches
0
0