Objective 2.2 Exchange 2010 Flashcards

Objective 2.2: Configure RBAC.

1
Q

Administrators with limited permissions are often termed ______ users.

A

specialist

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Delegates of a specific management role who also hold the ______ role can assign the role to other users.

A

Role Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

The following command assigns the transport rules management role to the Glasgow Recipient Admins role group, naming it “Transport_Rules_Glasgow_Recipient_Admins” and scopes the assignment to the Marketing OU in the Adatum.com domain: ______.

A

New-ManagementRoleAssignment -Name “Transport_Rules_Glasgow_Recipient_Admins” -SecurityGroup “Glasgow Recipient Admins” -Role “Transport Rules” -RecipientOrganizationalUnitScope Adatum.com/Marketing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You can use the ______ to create and configure a management scope.

A

EMS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

The following command creates a management scope named “Hub Servers” that contains the Hub Transport servers HUB01, HUB02, and HUB03: ______.

A

New-ManagementScope -Name “Hub Servers” -ServerList HUB01, HUB02, HUB03

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

The following command adds Hub Transport server HUB04 to the management scope named “Hub Servers”, along with HUB01, HUB02, and HUB03: ______.

A

Set-ManagementScope -Identity “Hub Servers” -ServerList HUB01, HUB02, HUB03, HUB04

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You can define role members by specifying an OU. For example, the following command creates a new management role assignment named “Transport_Rules_Brisbane” that assigns the Transport Rules role to the Brisbane Recipient Admins group but limits its use to accounts in the Marketing OU in the Brisbane.Adatum.com domain: ______.

A

New-ManagementRoleAssignment –Name “Transport_Rules_Brisbane” -SecurityGroup “Brisbane Recipient Admins” –Role “Transport Rules” –DomainOrganizationUnitRestriction Brisbane.Adatum.com/Marketing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

All the built-in management role groups are located in the Microsoft ______ OU in Active Directory Domain Services (AD DS).

A

Exchange Security Groups

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

The exam objectives specifically identify the Help Desk management role group. By default, membership of this role group enables users to view and modify the ______ options of any user in the organization.

A

Outlook Web Access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Role holders in the ______ management role group can perform limited recipient management, such as managing a user’s display name and address.

A

Help Desk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

If you want members of the Help Desk role group to manage mailboxes, mail contacts, and mail-enabled users, you can assign the ______ management role to this role group.

A

Mail Recipients

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

You can use the EMS ______ cmdlet to create a role group.

A

New-RoleGroup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

The command that follows creates a role group called “Transport Role Group” that is assigned to the Transport Rules management role. The role group is assigned to Kim Akers and Don Hall and can be managed by Kim Akers. The role group is created in the Exchange Security Groups AD DS container: ______.

A

New-RoleGroup -Name “Transport Role Group” -Roles “Transport Rules” -Members “Kim Akers”, “Don Hall” -ManagedBy “Kim Akers”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

An ______ role enables its members to create, modify, view, and remove address lists, global address lists, and offline address books.

A

Address Lists Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

There is no built-in management role group for address list management, but it is a good idea to create a custom role group (named “Address Lists Management”) whose members (“Kim Akers”, “Don Hall”, “Charlie Herb”, “Mor Hezi”, “Patrick Hines”) can perform this function. This group will be managed by “Kim Akers”. To do this, you would issue an EMS command similar to the following: ______.

A

New-RoleGroup -Name “Address Lists Management” -Roles “Address Lists” -Members “Kim Akers”, “Don Hall”, “Charlie Herb”, “Mor Hezi”, “Patrick Hines” -ManagedBy “Kim Akers”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You have created a scope named Mailbox Scope that includes only the Mailbox servers MBX01, MBX02, and MBX03. Users who are assigned management roles with this scope can perform only tasks allowed by the role against these servers. You configure a new Mailbox server called MBX04 and want to add it to the scope. What EMS command do you issue?

A

You issue the following command:

Set-ManagementScope –Identity “Mailbox Scope” –ServerList MBX01, MBX02, MBX03, MBX04

17
Q

Members of the Assistant Admins security group have been assigned as role holders to a role management group that allows them to carry out a limited series of administrative tasks. You also want them to be able to run some specified EMS cmdlets. What action must you take?

A

You create a new management role and add it to the role group.

18
Q

You want Don Hall to be able to configure antivirus and anti-spam features in your Exchange organization. What action do you take?

A

Add Don as a role holder in the built-in Hygiene Management role group.

19
Q

Brian Perry is a delegate of the built-in Help Desk role group. Only the default roles are associated with this role group. What does delegate membership of this role group enable Brian to do?

A

Brian can view and modify the Outlook Web Access options of any user in the organization, provided that user can also view and modify them. He can also manage membership of the role group.

20
Q

You want to assign the management role SalesRecipientAdmin to the SalesAdmins universal security group. You want to ensure that members of the SalesAdmins group can manage only those recipients whose accounts are located in the SalesUsers OU in the Adatum.com domain. What EMS command can you use to do this?

A

You use the following command:

New-ManagementRoleAssignment –Name “Sales_Recipient_Assignment” –Role “SalesRecipientAdmin” –User “SalesAdmin” –DomainOrganizationUnitRestriction Adatum.com/SalesUsers