MICROSOFT NEWS: 70-663 Exam Questions has been Updated Today! Get Latest 70-663 VCE and 70-663 PDF Instantly! Welcome to Download the Newest Braindump2go 70-663 VCE&70-663 PDF Dumps: http://www.braindump2go.com/70-663.html (291 Q&As)
Braindump2go New Released 70-663 Exam Dumps Questions New Updated Today: Latest 291 Questions and Answers Explanation. Guarantee you 100% Success when you attend Microsoft MCM 70-663 Exam! We update 70-663 Exam Dumps Questions every day and you can come to download our latest 70-663 Practice Tests daily!
Exam Code: 70-663
Exam Name: Pro: Designing and Deploying Messaging Solutions with Microsoft Exchange Server 2010
Certification Provider: Microsoft
Corresponding Certifications: MCITP, MCITP: Enterprise Messaging Administrator on Exchange 2010
70-663 Dumps,70-663 Dumps PDF,70-663 Dumps VCE,70-663 PDF,70-663 VCE,70-663 Study Guide,70-663 Braindump,70-663 Book,70-663 Exam Questions,70-663 Practice Test,70-663 Practice Exam,70-663 eBook,70-663 Preparation
QUESTION 51
You have an Exchange Server 2010 organization.
Users have mobile devices that run Windows Mobile 6.1.
You need to plan a solution to meet the following requirements:
– Ensure that users in the legal department can delete data from a mobile device if it is stolen
– Ensure that only administrators can perform remote wipes on all other mobile devices
What should you include in the plan?
A. Create multiple Exchange ActiveSync policies.
B. Upgrade all mobile devices to Windows Mobile 6.5.
C. Create multiple Outlook Web App (OWA) mailbox policies.
D. Implement Active Directory Rights Management Services (AD RMS).
Answer: C
Explanation:
Remote wipe is supported on Windows Mobile 6.1:
The remote wipe feature enables administrators to request that the client erase all data from a device. Remote wipe is used in scenarios in which a device is lost or stolen, or when a user has left the company, or no longer has permission to synchronize corporate data. Administrators can use the Exchange Management Shell or the Exchange Management Console (EMC) to request a remote wipe.
With Powershell you need to execute the Clear-ActiveSyncDevice cmdlet.
Clear-ActiveSyncDevice -Identity {name returned from Get-ActiveSyncDevice} -NotificationEmailAddresses {desired email address to send notice of wipe to}
Users can issue their own remote device wipe commands from the OWA user interface.
But user must have “Recipient Management” role assigned to do this.
Exchange ActiveSync mailbox policies let you apply a common set of policy or security settings to a user or group of users.
QUESTION 52
Your company contains an internal network and a perimeter network.
The internal network contains an Active Directory forest.
The company has a single domain.
You plan to deploy 10 Edge Transport servers on the perimeter network.
You need to recommend a solution for the Edge Transport server deployment.
The solution must meet the following requirements:
– Allow administrators to apply a single security policy to all Edge Transport servers
– Reduce the Administrative overhead that is required to manage servers
– Minimize the attack surface of the internal network
What should you recommend?
A. Implement Network Policy and Access Services (NPAS).
B. Implement Active Directory Federation Services (AD FS).
C. Create a new Active Directory domain in the internal forest and then join all Edge Transport
servers to the new domain.
D. Create an Active Directory forest in the perimeter network and then join all Edge Transport
servers to the new domain.
Answer: D
Explanation:
The Edge Transport Server role in Exchange Server 2007 is designed to be installed in your organization’s perimeter network (aka DMZ or screened subnet). The Edge Transport Server is the only Exchange 2007 server role that should not be part of your corporate Active Directory on your internal network; it should instead be installed on a stand-alone server in a workgroup or as a domain member in an Active Directory dedicated to servers located in the perimeter network as shown in Figure 1.
Although the Edge Transport Server role is isolated from Active Directory on the internal corporate production network, it is still able to communicate with the Active Directory by making use of a collection of processes known as EdgeSync that run on the Hub Transport Server and which, since it is part of the Active Directory, have access to the necessary Active Directory data. The Edge Transport server uses Active Directory Application Mode (ADAM) to store the required Active Directory data, which is data such as Accepted Domains, Recipients, Safe Senders, Send Connectors and a Hub Transport server list (used to generate dynamic connectors so that you do not need to create them manually).
It is important to understand that the EdgeSync replication is encrypted by default, and that the replication is a one-way process from Active Directory to Active Directory Application Mode (ADAM), this means that no data is replicated from ADAM to AD.
The first time EdgeSync replication occurs, the ADAM store is populated, and after that data from Active Directory is replicated at fixed intervals. You can specify the intervals or use the default settings, which when speaking configuration data is every hour and every 4th hour for recipient data.
http://www.msexchange.org/articles_tutorials/exchange-server-2007/planning-architecture/uncoveringexchange-2007-edge-transport-server-part1.html
QUESTION 53
You have an Exchange Server 2010 organization.
Your company’s compliance policy states that the following occurs when a user leaves the company:
– The user account is disabled
– The user account and mailbox are deleted after six months
– All e-mail messages in the mailbox are retained for three years
You need to recommend a solution to retain the e-mail messages of users who leave the company.
The solution must meet the following requirements:
– Ensure that a group named Group1 can manage the process
– Minimize disk space required to store the mailbox database
What should you recommend?
A. Assign the Mailbox Search management role to Group1 and then create a retention policy.
B. Assign the Mailbox Search management role to Group1 and then create a managed folder
mailbox policy.
C. Assign the Mailbox Import Export management role to Group1 and then configure Personal
Archives for each mailbox.
D. Assign the Mailbox Import Export management role to Group1 and then instruct Group1 to
export mailboxes to personal folder (.pst) files.
Answer: D
Explanation:
To create the role group we need to run the following:
New-RoleGroup “Mailbox Import-Export Management” -Roles “Mailbox Import Export” This will create a group called “”Mailbox Import-Export Management””, every user added to this group will have the right to run the import/export cmdlets, adding a user can be done by running the following:
Add-RoleGroupMember “Mailbox Import-Export Management” -Member <user account> To export a mailbox:
QUESTION 54
You have an Active Directory domain named contoso.local.
You plan to deploy an Exchange Server 2010 organization that will contain the following server:
– Two Edge Transport servers named Edge1.contoso.com and Edge2.contoso.com
– Two Hub Transport servers named hub1.contoso.local and hub2.contoso.local
You need to design a solution that ensures that e-mail messages from the Internet can be delivered to internal recipients if a single Edge Transport server fails.
What should you include in the design?
A. two Remote Domains
B. two SRV resource records
C. two EdgeSync Subscriptions
D. two mail exchange (MX) records
Answer: D
QUESTION 55
You have an Exchange 2010 organization.
Your company’s security policy states that all connections to Outlook Web App (OWA) must use smart card authentication.
You need to recommend a solution to meet the security policy requirements.
Which two possible ways to achieve this goal should you recommend? (Each correct answer presents a complete solution. Choose two.)
A. Require certificate-based authentication for all Internet-facing Client Access servers.
B. Require Windows Integrated Authentication for all Internet-facing Client Access servers.
C. Deploy an Edge Transport server and then disable Windows Integrated Authentication.
D. Deploy a server that runs Microsoft Internet Security and Acceleration (ISA) Server and
enable Kerberos constrained delegation.
Answer: AD
Explanation:
We need to enable certificate-based authentication in IIS for the server itself. The first step it to open IIS, then navigate to the server node. Select Authentication under the IIS heading, then after selecting Active Directory Client Certificate Authentication, choose Enable:
The second step is to enable certificate-based authenticate for the website.
C:\WINDOWS\SYSTEM32\INETSRV\APPCMD.EXE set config “Default Web Site”-section:system.
webServer/security/authentication/clientCertificateMappingAuthentication /enabled:”True” /commit: apphost
Third, from EMC select the Client certificate authentication options;
ISA Server 2006 introduces support for Kerberos constrained delegation to enable published Web servers to authenticate users by Kerberos after their identity has been verified by ISA Server using a non-Kerberos authentication method. When used in this way, Kerberos constrained delegation eliminates the need for requiring users to provide credentials twice. For example, because it is unrealistic to perform Kerberos authentication over the Internet, SSL certificates might be used for authenticating users at the ISA Server computer. After ISA Server verifies the user’s identity, ISA Server cannot pass the SSL client certificate provided by the user to a published server, but it can impersonate the user and obtain a Kerberos service ticket for authenticating the user (client) to a published Web server.
QUESTION 56
You have Exchange Server 2003 organization.
The organization contains a front end server named FE1 and a back end server accessible from the Internet by using mail.contoso.com.
You plan to transition the organization to Exchange Server 2010.
You will deploy a Mailbox server named MIX1 and a Client Access server named CAS1.
Users will access Outlook Web Access and Outlook Web App (OWA) by using the URL. https://mail.contoso.com.
You need to recommend a DNS configuration for the external name of mail.contoso.com.
Which server should be associated with the name mail.contoso.com?
A. BE1
B. CAS1
C. FE1
D. MIX1
Answer: B
Explanation:
One of the first steps in transition is to install CAS2010 and point DNS records to it.
QUESTION 57
You have an Exchange Server 2010 Hub Transport server named Hub1.
You install an application on a third-party server named Server1.
You discover that the application cannot authenticate to remote servers.
You need to ensure that the application can relay e-mail messages by using Hub1.
What should you do?
A. Create a new Send connector
Add the TCP/IP address of Server1 to the Send connector
Modify the permissions for the Send connector
B. Create a new Receive connector
Add the TCP/IP address of Server1 to the Receive connector
Modify the permissions for the Receive connector
C. Add the TCP/IP address of Server1 to the default Receive connector
Create a message classification
Create a transport rule
Add the TCP/IP address of Server1 to the Client Receive connector
D. Create a remote domain
E. Create a transport rule
Answer: B
QUESTION 58
You have an Exchange Server 2010 organization that contains two Client Access servers.
You deploy a Microsoft Internet Security and Acceleration (ISA) Server.
You need to recommend a high availability solution for the Client Access servers.
The solution must meet the following requirements:
– Ensure that Outlook Web App (OWA) connections are available if a single Client Access server fails
– Ensure that client access services are available if a single service fails on a Client Access server
What should you recommend?
A. Deploy a hardware load balancer.
B. Deploy Windows Network Load Balancing.
C. Publish each Client Access server in a separate publishing rule.
D. Publish both Client Access servers in a single publishing rule as a Web server farm.
Answer: D
QUESTION 59
You have an Active Directory forest.
You plan to deploy an Exchange Server 2010 organization that contains the following servers:
– Two Edge Transport servers
– Two Hub Transport servers
You need to recommend changes to the organization to ensure that e-mail messages can be sent to the Internet if a single transport server fails.
What should you recommend?
A. Configure shadow redundancy for the Hub Transport servers.
B. Implement fallover clustering on both Hub Transport servers.
C. Configure both Edge Transport servers as source servers for a Send connector.
D. Create one mail exchange (MX) record and one SRV record for each Edge Transport server
in the internal DNS zone.
Answer: C
Explanation:
Send connectors create a logical connection to remote e-mail systems and are responsible for outbound transmission of e-mail messages. If you use the EdgeSync process, it will configure the Send connectors required for mail flow to the Internet and to the Edge Transport servers in your Microsoft Exchange Server 2010 organization. If your organization requires a Send connector with specific configuration options, or if you don’t use the EdgeSync process, you must manually configure Send connectors.
QUESTION 60
You have an Exchange Server 2010 organization.
Your network is separated from the Internet by a firewall.
You need to identify the ports that must be opened on the firewall to allow clients from the Internet to use the following connections:
– Outlook Anywhere
– Outlook Web App (OWA)
– Exchange ActiveSync
– IMAP4 over Secure Sockets Layer (SSL)
Which TCP ports should you identify?
A. 25, 443 and 993
B. 26, 443 and 995
C. 25, 80, 143 and 3269
D. 80, 143, 443 and 389
Answer: A
Explanation:
Exchange Ports
Braindump2go New Released 70-663 Dumps PDF are Now For Free Download, 291 Latest Questions, Download It Right Now and Pass Your Exam 100%:
FREE DOWNLOAD: NEW UPDATED 70-663 PDF Dumps &70-663 VCE Dumps from Braindump2go: http://www.braindump2go.com/70-663.html (291 Q&As)