- (Exam Topic 5)
You have a Microsoft Exchange Online tenant.
You discover that a virus has infected the mailboxes of several users. The users are currently spreading the virus by emailing attachments that contain the virus.
You need to temporarily prevent all users from emailing attachments while you remove the virus from all the mailboxes.
What should you configure?
Correct Answer:
B
Reference:
https://docs.microsoft.com/en-us/exchange/security-and-compliance/mail-flow-rules/common-attachmentblocki
- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has an Exchange Online tenant that contains 2,000 mailboxes.
A partner company named Fabrikam, Inc. uses a third-party messaging solution. The outbound SMTP server for Fabrikam uses an IP address of 131.107.2.22.
You discover that several email messages from the fabrikam.com domain are erroneously marked as spam. You need to ensure that all the email messages sent from the fabrikam.com domain are delivered successfully
to the user mailboxes of your company.
Solution: You create a spam filter policy. Does this meet the goal?
Correct Answer:
A
Add Fabrikam.com to the ‘Domain allow list’ in a spam filter policy.
- (Exam Topic 5)
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use
as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username: admin@abc.com
Microsoft 365 Password: xxxxxx
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only.
Lab Instance: XXXXXX
You need to reduce the likelihood that malicious links contained in emails received by mailboxes in
@lab.CloudCredential(1).TenantName are opened.
To complete this task, sign in to the Exchange admin center.
Solution:
Navigate to the Exchange Admin Center, and then choose the Advanced Threats
section of the EAC. Click the Safe Links
tab to examine all existing Safe Links policies:
After navigating to the Safe Links policy page, choose the Add
button (+) to create a new policy. The
New Safe Links Policy
window opens.
- In the resulting window we’ll be presented with the options available for creating our new Safe Links policy. In Name
enter an appropriate, unique, name that describes this policy. In the description enter some text
that provides a little more detail for anyone trying to make sense of the options selected here. Next we’ll choose the action to take for URLs. We can leave this Off, if for example we are creating a policy to exclude a group of users that would otherwise be affected by another Safe Links policy. The checkbox Do not track user click
can be selected if you do not wish to use the reporting
functionality available at a later date. This is a key feature when understanding which users clicked a link that was later found to be a threat, so be careful about choosing to disable user click tracking. Our final check box provides options for click-through is a link is found to be dangerous. In some circumstances you may trust users to click-through links, or they may request the ability to do so. In
most circumstances you will not
want a user to click-through the malicious link. Some URLs, such as those for internal addresses or even trusted partners, may not require re-writing.
Enter these URLs here. Finally, we will select the scope for the rule under the Applied to
section. Using similar conditions to transport rules we can select who this rule applies to including:
- Individual recipients
- Recipient domains
- Members of distribution groups The same conditions can be used for exceptions. When you have configured your rule, choose Save.
After saving the new Safe Links rule it will be shown in the EAC list. Just like Transport Rules, you can use the Enabled column to enable or disable the Safe Links policy.
Reference:
https://techgenix.com/implementing-exchange-online-advanced-threat-protection-part2/
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
You have a hybrid deployment between a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 organization.
The certificate for the hybrid deployment expires in two days. You need to replace the certificate.
Which three cmdlets should you run in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.
Solution:
New-ExchangeCertificate: Create the certificate renewal request. Import-ExchangeCertificate: Install the new certificate.
Enable-ExchangeCertificate: Assign the new certificate to Exchange services. Reference:
https://docs.microsoft.com/en-us/powershell/module/exchange/new-exchangecertificate?view=exchange-ps https://docs.microsoft.com/en-us/exchange/architecture/client-access/import-certificates?view=exchserver-2019 https://docs.microsoft.com/en-us/exchange/architecture/client-access/assign-certificates-to-services?view=exchs
Does this meet the goal?
Correct Answer:
A
- (Exam Topic 5)
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Online tenant that contains 1,000 users.
A user named User1 receives a non-delivery report (NDR) when attempting to send an email message to an internal group named sales@contoso.com. The NDR contains the following text: “5.7.1 Delivery not authorized.”
You need to ensure that User1 can send email to sales@contoso.com successfully. Solution: You modify the properties of User1.
Correct Answer:
B
Reference:
https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/non-delivery-reports-in-exchange-online/fix