M5 MRAT Flashcards
What are the four types of external users and the DNS records required for those users to sign in?
Remote users, Federated users, Public IM users, Anonymous users
• DNS A records are required for the Edge external interface of each Lync Server 2010 service that
is available through the perimeter.
• DNS SRV records _sip._tls and _sipexternaltls._tcp are required for auto configuration of the
Access Edge external interface of each Lync Server 2010 that is available through the perimeter.
• DNS SRV record _sipfederationtls._tcp is required for federation of the Access Edge external
interface of each Lync Server 2010 that is available through the perimeter.
• DNS A records are required for each externally visible Simple URL.
• DNS A records are required for the reverse proxy external interface of each reverse proxy server in the perimeter network.
What are the three available Edge services and what do they do? What other role is necessary in the Edge infrastructure?
Access Edge, Web Conferencing Edge, and A/V Edge
- The Access Edge service provides a connection point for SIP traffic.
- The Web Conferencing Edge service enables external users to join meetings that are hosted on your internal Lync Server 2010 deployment.
- The A/V Edge service makes audio, video, application sharing, and file transfer available to external users
The other required role is reverse proxy.
What does the Director role do, and how does it benefit Lync Server 2010 pools with Edge infrastructure?
The Director role supports authentication of external users and may improve security, reliability, and performance.
Remote clients are able to join web conferences but are only able to access some types of content.
Ensure that the HTTP Reverse Proxy has been configured correctly
Internal users are not able to communicate with PIC users on AOL and Yahoo! services.
Verify that the PIC provisioning process has been completed for your organization. This process exists entirely outside of your Lync Server 2010 infrastructure and incurs some additional licensing fees.
DNS load balancing is not working properly for Edge servers.
Verify that all external Edge services are using NAT.
Edge server installation is failing.
Verify that the topology has been transported to the Edge server; this is necessary for the initial configuration.
Contosowants to ensure high availability of IM for internal users communicating with PIC contacts. What type of load balancing should be implemented?
Hardware load balancing, because DNS will not provide high availability for PIC.
Fabrikam is configuring the external firewall for its Lync Server 2010 Edge deployment. What ports should be opened for Access Edge service and Audio/Video Edge service?
For Access Edge, port 442. For A/V Edge, 50,000-59,999 port range.
Wingtip Toys is investigating security concerns with the Lync Server 2010 Edge infrastructure for compliance reasons. What types of Lync Server 2010 traffic are encrypted outside of the firewall?
All forms of traffic for Lync Server 2010 are encrypted outside of the firewall.
Supplement or modify the following best practices for your own work situations:
- Consider your load-balancing requirements carefully. DNS load balancing can alleviate loads on the hardware load balancer, but it is not supported by all clients.
- Ensure that the high port range (50,000-59,999) is open for outgoing TCP connections. If you are not federating with other companies, you do not need to open this port range.
- Use certificates issued by public certification authorities on the external edge of your Edge services. This ensures maximum compatibility with other entities.
PortQuery and
Telnet
Useful for verifying that a server can be connected to on a given port.
Remote
Connectivity
Analyzer
A quick way to verify that remote users can log on and that other basic functionality is in place.
Pingtest.net
A good way to see how reliable a connection is; it gives statistics on packet loss, latency, and jitter.
