Objective 4.4 Exchange 2010

Question 1

You should be aware that you can configure an Edge Transport server or an Internet-facing Hub Transport server to use a list of specified DNS servers for external DNS lookups—instead of the DNS servers configured on the adapters installed on that server—by using the ExternalDNSAdapterEnabled and ExternalDNSServers parameters of the ______ cmdlet.

Answer 1

Set-TransportServer

Question 2

You can use the InternalDNSAdapterEnabled and InternalDNS Servers parameters with the Set-TransportServer cmdlet to use a list of specified DNS servers for internal DNS lookups on a Hub Transport server. For example, the following command configures the Hub Transport server VAN-HUB01 to use a list of specified DNS servers for internal DNS lookups instead of the DNS servers configured on the adapters installed on that server: ______.

Answer 2

Set-TransportServer VAN-HUB01 -InternalDNSAdapterEnabled $false InternalDNSServers {192.168.10.1, 192.168.10.2}

Question 3

A Hub Transport server running Exchange Server 2010 SP1 uses DNS to determine site ______ associations.

Answer 3

membership

Question 4

To reduce the overhead associated with DNS queries, Exchange 2010 adds the msExchServerSite attribute to the Active Directory ______. The value of this attribute is the distinguished name of the Active Directory site of the Exchange server. Exchange 2010 uses the Microsoft Exchange Active Directory Topology service to retrieve configuration and recipient data from Active Directory.

Question 5

A Send connector can be configured to use DNS Mail Exchange (MX) resource records to route mail automatically. In this configuration, the DNS client on the source server must be able to resolve public DNS records. In this case, the Send connector uses the external DNS list that you specify by using the ExternalDNSServers parameter. For example, the following two commands specify an external DNS list and configure Send Connector01 to use this list: ______.

Answer 5

Set-TransportServer –Identity VAN-EX1 –ExternalDNSServers 192.168.30.2,10.10.50.10

Set-SendConnector –Identity SendConnector01 –UseExternalDNSServersEnabled $true

Question 6

The ______ in a Hub Transport server determines what to do with each message based on recipient information in the message header. It expands distribution lists, identifies alternative recipients, processes recipient forwarding addresses, applies policies, routes messages, and converts content.

Answer 6

Categorizer

Question 7

After a message is received by an Exchange 2010 Hub Transport or Edge Transport server, it undergoes preliminary processing and is delivered to the submission queue. Messages then move from the submission queue through the ______.

Answer 7

Categorizer

Question 8

When they have been categorized, messages are queued in delivery queues. If a route to a recipient cannot be found, the messages are queued in the ______ queue, not the submission queue. For example, if you want to resubmit messages queued on the server EX-03 after a routing problem has been solved, you would issue the following EMS command: ______.

Answer 8

unreachable,

Retry-Queue -Identity “EX-03\Unreachable” -Resubmit $true

Question 9

Exchange 2010 accesses configuration information stored in AD DS to make routing decisions on a Hub Transport server. However, on an Edge Transport server, configuration information is stored in and accessed from ______ on the local server.

Answer 9

AD LDS

Question 10

A Hub Transport server can relay messages directly to hosts on the Internet. If your organization does not use an Edge Transport server, you can configure the ______ server to be Internet-facing. You can enable ______ agents on a Hub Transport server and deploy antivirus protection.

Answer 10

Hub Transport,

anti-spam

Question 11

A ______ object represents a set of sites that can communicate at a uniform cost through a specified intersite transport.

Answer 11

site-link

Question 12

Site links do not necessarily correspond to the ______ paths that network packets follow on the physical network, but the cost that you assign to a site link typically relates to the reliability, speed, and available bandwidth of the underlying network—for example, a high-speed network connection would be assigned a lower cost than a slower connection.

Answer 12

actual

Question 13

You can configure a site link to use either IP or ______. An ______ site link provides a store and forward mechanism for replication between Active Directory sites that do not have a reliable network link.

Answer 13

SMTP,

SMTP

Question 14

All types of data can be replicated across an ______ site link, and Exchange 2010 uses IP site links to determine its routing topology. The routing component of Exchange 2010 takes into account the cost assigned to an IP site link when calculating a routing ______.

Answer 14

IP,

table

Question 15

Exchange 2010 always attempts to deliver messages directly to the destination Hub Transport server, but otherwise uses site links when determining the ______ path. The default cost for a site link is ______.

Answer 15

least-cost,

100

Question 16

You can assign Exchange costs by using the EMS ______ cmdlet. For example, the following command sets an Exchange cost of 900 on the IP site link LINK0304: ______.

Note that Exchange site link costs do not alter the link costs for other traffic, such as Active Directory replication.

Answer 16

Set-AdSiteLink,

Set-AdSiteLink -Identity LINK0304 -ExchangeCost 900

Question 17

If a hub site exists along the least-cost routing path for message delivery, the messages queue is processed by the Hub Transport servers in the hub site before messages are relayed to their ultimate destination. You can use this feature to ensure that all message delivery is relayed through a particular Active Directory site by designating it as a hub site. For example, the following command designates the Active Directory site MyADSite as a hub site: ______.

Answer 17

Set-AdSite -Identity MyADSite -HubSiteEnabled $true

Question 18

You should be aware that explicit Send connectors are ______ by default when the Hub Transport or Edge Transport server role is installed.

Answer 18

created

Question 19

However, implicit and invisible Send connectors are automatically ______ based on the site topology and are used to route messages internally between Hub Transport servers.

Answer 19

computed

Question 20

You should know that Foreign connectors are used to send messages to ______ servers that do not use SMTP—for example, third-party FAX gateway servers.

Answer 20

gateway

Question 21

You should be aware that the Receive connectors you require on a Hub Transport server for internal mail flow are automatically ______ when the Hub Transport server role is installed. A Receive connector that can receive email from the Internet is ______ created when the Edge Transport server role is installed.

Answer 21

created,

automatically

Question 22

If your organization has an Internet-facing Hub Transport server, you need to manually configure ______ connectors.

Answer 22

Send

Question 23

End-to-end mail flow requires that Edge Transport servers are subscribed to the Active Directory site by using the Edge ______ process. If your organization has an Internet-facing Hub Transport server or an unsubscribed Edge Transport server, you need to manually configure ______ connectors to establish end-to-end mail flow.

Answer 23

subscription,

Send

Question 24

The usage ______ (Custom, Internal, Internet, or Partner) determines the default permissions that are assigned on the connector and grants those permissions to trusted security principals.

Answer 24

type

Question 25

You can use the ______ Wizard in the EMC or the EMS ______ cmdlet to create a Send connector. When you use the EMC, you need to specify a usage type for the connector. When you use the EMS, the default usage type is set to Custom.

Answer 25

New Send Connector,

New-SendConnector

Question 26

Send connector permissions determine the types of ______ information that can be sent with the email message.

Answer 26

header

Question 27

You can use the EMS ______ (not the Set-SendConnector) cmdlet to modify the default permissions for a Send connector. You can, however, use the ______ cmdlet to limit the scope of any Send connector so that it is usable only by other Hub Transport servers in the same Active Directory site. You can also use this cmdlet to configure whether the connector delivers email by using DNS address resolution or by routing messages to a smart host, the maximum message size, and the connection inactivity time-out.

Answer 27

Add-ADPermission,

Set-SendConnector

Question 28

If you select the internal usage type for a Send connector, you must route mail through a ______ host. This host handles delivery to the next hop in the delivery destination.

Answer 28

smart,

Question 29

You can use an IP address or the FQDN of the smart host to specify the smart host identity. Smart hosts can be used with any usage type but are ______ for the Internal type. The following EMS command creates a Send connector named Contoso that transmits messages through a smart host named smarthost.contoso.com to Contoso’s mail domain mail.contoso.com: ______.

Answer 29

mandatory,

New-SendConnector –Internet –Name Contoso –Addresspaces smtp:mail.contoso.com –Smarthosts smarthost.contoso.com

Question 30

You can use the ______ or the Set-SendConnector cmdlets with the ConnectionInactivityTimeOut parameter to create or configure a Send connector that specifies the maximum time that an idle connection can remain open. For example, the following command configures the send connector SendConnector01 with a maximum message size of 5 MB and a maximum time for which an idle connection can remain open of 20 minutes: ______.

Answer 30

New-SendConnector,

Set-SendConnector –Identity SendConnector01 -MaxMessageSize 5MB -ConnectionInactivityTimeOut 00:20:00

Question 31

The address space for a Foreign connector specifies the recipient ______ to which this connector routes email.

Answer 31

domains

Question 32

You can specify either SMTP address spaces or non-SMTP address spaces. You can use the scope of a Foreign connector to control the ______ of that connector within your Exchange organization.

Answer 32

visibility

Question 33

You can create a Foreign connector on a Hub Transport server by using the EMS ______ cmdlet.

Answer 33

New-ForeignConnector

Question 34

You can configure an existing Foreign connector by using the EMS ______ cmdlet. For example, the following EMS command creates a Foreign connector named ForeignConnector01. The address space type is X.400, and the X.400 address space is c=US;a=Adatum;P=Contoso. The address space cost is 5, and the source Hub Transport server is VAN-EX1: ______.

Answer 34

Set-ForeignConnector,

New-ForeignConnector -Name ForeignConnector01 -AddressSpaces “X400:c=US;a=Adatum;P=Contoso;5” -SourceTransportServers VAN-EX1

Question 35

When you install the Hub Transport server role, two ______ connectors are created.

Answer 35

Receive

Question 36

During installation of the Edge Transport server role, one ______ connector is created. This is configured to accept SMTP communications from all IP address ranges and is bound to all IP addresses of the local server. It is configured with the Internet usage type and accepts anonymous connections. Typically, no additional ______ connectors are required on an Edge Transport server.

Answer 36

Receive,

Receive

Question 37

You can specify Receive connector ______ types, permissions, bindings, and message size for a new Receive connector or configure them for an existing connector.

Answer 37

usage

Question 38

As with Send connectors, you can configure the usage type of a Receive connector and determine the default security settings for that connector. You might also need to configure bindings by using the RemoteIPRanges parameter. For example, the following command creates the Receive connector Receive Connector01 with the Custom usage type. This connector listens for incoming SMTP connections on the IP address 10.10.10.1 and port 25 and accepts incoming SMTP connections only from the IP range 192.168.8.1 through 192.168.8.127: ______.

Answer 38

New-ReceiveConnector -Name ReceiveConnector01 -Usage Custom -Bindings 10.10.10.1:25 -RemoteIPRanges 192.168.8.1-192.168.8.127

Question 39

You might also need to configure permissions. For example, if you want a Hub Transport server to receive email from the Internet, you would select the ______ Users permission group for the default Receive connector on the server.

Answer 39

Anonymous

Question 40

You can also create and configure additional Receive connectors in order to specify a maximum message size, a connection time-out, or a connection activity time-out for traffic from specified IP addresses, where these settings are different from those specified by default Receive connectors. The following command specifies a maximum message size of 100 MB, a connection timeout of 20 minutes, and a connection inactivity timeout of 15 minutes for the ReceiveConnector01 Receive connector: ______.

Answer 40

Set-ReceiveConnector –Identity ReceiveConnector01 –MaxMessageSize 100MB -ConnectionTimeout 00:20:00 -ConnectionInactivityTimeout 00:15:00

Question 41

You should be aware that the server originating a message and the server receiving it exchange certificates from a ______ trusted CA.

Question 42

Exchange 2010 Setup creates a self-signed certificate and TLS is enabled by default. You can ______ this certificate to use it on additional servers. If necessary, you can replace it with certificates that are issued by a trusted third-party CA.

Answer 42

clone

Question 43

You can use the EMS ______ cmdlet to generate TLS keys. These keys consist of the TLS certificate and related private keys. You can specify certificate metadata that enables different services to use the same certificate and private key. This metadata is stored in fields in the resulting certificate. You can also generate a certificate request that you can send to a third party or other public key infrastructure CA.

Answer 43

New-ExchangeCertificate

Question 44

Running the ______ cmdlet without parameters generates a self-signed certificate with the FQDN of the server as the subject name.

Answer 44

New-ExchangeCertificate

Question 45

You can use this self-signed certificate for direct trust authentication and encryption between Edge Transport servers and Hub Transport servers. The certificate is published to Active Directory so that Exchange direct trust can validate the authenticity of the server for MTLS. You can also specify subject name and whether the private key is exportable. For example, the following EMS command creates a certificate with an exportable private key and a subject name defined by Country/Region = US, Organization = Adatum.com, and Common Name = mail.adatum.com: ______.

Answer 45

New-ExchangeCertificate –SubjectName “c=US, o=adatum.com, cn=mail.adatum.com” –PrivateKeyExportable $true

Question 46

You can use the ______ cmdlet to generate a certificate request that you can send to a CA. You can output the request to the command-line console; send the certificate request to a local, external, or commercial CA; or save the certificate request to a text file. The following EMS command generates a certificate request with a subject name c=UK, o=Blue Sky Airlines, cn=mail.blueskyairlines.co.uk, a subject alternate name blueskyairlines.co.uk, and an exportable private key: ______.

Answer 46

New-ExchangeCertificate,

New-ExchangeCertificate -GenerateRequest -SubjectName “c=UK,o=Blue Sky Airlines,cn=mail.blueskyairlines.co.uk” -DomainName blueskyairlines.co.uk -PrivateKeyExportable $true

Question 47

As an Exchange professional, you know that anonymous relay on Internet SMTP can be a serious security deficiency. You should therefore be aware that In Exchange 2010, relaying is typically handled by using ______ domains.

Answer 47

accepted

Question 48

An ______ relay domain is a domain for which the Exchange organization accepts email messages from external locations but does not process them locally, and forwards them to an external mail server.

Answer 48

external

Question 49

An ______ relay domain is a domain for which the Exchange organization accepts email messages from external locations but forwards them to another internal mail system.

Answer 49

internal

Question 50

You should be aware that MTLS authenticates the ______ for the recipient and the recipient for the server, and that some implementations of TLS (for example, SSL) do not.

Answer 50

sender

Question 51

Exchange 2010 attempts to use TLS for all remote connections, and all traffic between Edge Transport servers and Hub Transport servers is authenticated and encrypted by using ______.

Answer 51

MTLS

Question 52

You can require TLS authentication on Send and Receive connectors. For example, the following EMS command creates a Receive connector for incoming messages on port 25 from the IP address range 10.10.0.1 through 10.10.0.24 and specifies that all messages coming from this range must use TLS: ______.

Answer 52

New-ReceiveConnector –Name Secure –Bindings 0.0.0.0:25 –RemoteIPRanges 10.10.0.1-10.10.0.24 –RequireTLS $true

Question 53

You should be aware that the maximum size of messages specified for an IP site link sent through a Send connector is not always the same as the maximum message size configured on a Send connector. By no means do all the messages that are sent through a Send connector pass over an IP site link. Remember that if a message is subject to both Send connector and sitelink restrictions, the ______ of the two maximum message sizes applies.

Answer 53

smaller

Question 54

You use the ______ cmdlet to view configuration information about an Active Directory IP site link. You use the ______ cmdlet to configure maximum message size.

Answer 54

Get-AdSiteLink,

Set-AdSiteLink

Question 55

By default, Exchange 2010 does not limit the size of messages that are relayed between Hub Transport servers in different Active Directory sites, but it might become necessary to specify size limits because of traffic considerations. For example, the following command sets the maximum message size on the Active Directory IP site link LINKAB to 1 GB: ______.

Answer 55

Set-AdSiteLink -Identity LINKAB -MaxMessageSize 1GB

Question 56

The default value for the maximum size of a message sent by a Send connector is ______ MB.

Answer 56

10

Question 57

You can use the MaxMessageSize parameter with the EMS ______ or New-SendConnector cmdlet if you need to specify a maximum message size other than the default value. You can also configure the maximum message size on a Receive connector. The following command specifies a maximum message size of 100 MB for the Receive connector ReceiveConnector01: ______.

Answer 57

Set-SendConnector,

Set-ReceiveConnector –Identity ReceiveConnector01 –MaxMessageSize 100MB

Question 58

A Foreign connector has an ______ maximum message size by default. Answer: True. The following EMS command configures the maximum message size on ForeignConnector01 to be 50 MB: ______.

Answer 58

unlimited,

Set-ForeignConnector -Identity ForeignConnector01 –MaxMessageSize 50MB

Question 59

You should know that all traffic between Edge Transport servers and Hub Transport servers is authenticated and encrypted by using ______.

Answer 59

MTLS

Question 60

When you subscribe an Edge Transport server to the Exchange organization, the Edge Subscription publishes the Edge Transport server certificate in ______ for the Hub Transport servers to validate.

Answer 60

Active Directory

Question 61

In turn, the Microsoft Exchange EdgeSync service updates ______ with the set of Hub Transport server certificates for the Edge Transport server to validate.

Answer 61

AD LDS

Question 62

You should be aware that the first routing group connector between Exchange 2010 and Exchange 2003 is created and configured during installation of the first ______ server role in an Exchange 2010 organization.

Answer 62

Hub Transport

Question 63

You use the EMS ______ cmdlet to create a new routing group connector. For example, the following command creates
a bidirectional routing group connector named MyRGC between the Exchange 2010 routing group on the EXCH2010-02 Exchange Server 2010 SP1 Hub Transport server and the routing group associated with the EXCH2003-07 Exchange 2003 back-end server in the adatum.com forest: ______.

Answer 63

New-RoutingGroupConnector,

New-RoutingGroupConnector -Name “MyRGC” -SourceTransportServers “ EXCH2010-02.adatum.com” -TargetTransportServers “ EXCH2003-07.adatum.com” -Bidirectional $true

Question 64

You are expected to know that SMTP Send connectors are Send connectors with an SMTP address space type that create a logical connection to remote ______ systems, and are responsible for outbound transmission of email messages.

Answer 64

email

Question 65

If you use the ______ process, it will configure the Send connectors required for mail flow to the Internet and to the Edge Transport servers in your Microsoft Exchange Server 2010 organization. SMTP Receive connectors provide a logical ______ through which all inbound messages are received.

Answer 65

Edge Sync,

gateway

Question 66

The Send connector address space type must be ______ on an Edge Transport server.

Answer 66

SMTP

Question 67

The following EMS command creates a Send connector named SendConnector01 with a usage type of Internet that sends email to all .com Internet sites: ______.

Answer 67

New-SendConnector -Internet -Name SendConnector01 –AddressSpace “SMTP:*.com;1”

Question 68

The following EMS command configures the Send connector SendConnector01 to send email to an address space of the adatum.com domain and all its subdomains: ______.

Answer 68

Set-SendConnector -Identity SendConnector01 –AddressSpace *.adatum.com

Question 69

If an SMTP server on the Internet rejects email messages sent from your domain, you should enable the ______ setting in the protocol logging Properties of the Send connector. You need to enable this setting, and then check the information in the protocol log files.

Answer 69

Verbose

Question 70

SMTP Receive connectors are configured on a ______ basis. They control how that server receives messages from the Internet, email clients, and other messaging servers.

Answer 70

per-server

Question 71

You can configure ______ limits. These limits apply to a specific user object, such as a mailbox, contact, distribution group, or public folder.

Answer 71

user

Question 72

The following five message types generated by a Hub Transport server or an Edge Transport server are exempted from all message size limits: ______.

Answer 72

1. System messages
2. Agent-generated message
3. Delivery status notification (DSN) messages
4. Journal report messages
5. Quarantined messages

Question 73

You should know that TLS is a standard ______ that is used to provide secure web communications on the Internet or on intranets. It enables clients to authenticate servers or, optionally, servers to authenticate clients. It also provides a secure channel by encrypting communications.

Answer 73

protocol

Question 74

TLS is the latest version of the ______ protocol. You should be familiar with obtaining and using certificates for TLS and MTLS and know what certificates are trusted outside your organization.

Answer 74

SSL

Question 75

When TLS is deployed, it typically provides only ______. Sometimes no authentication occurs between the sender and the receiver, and only the receiving server is authenticated. For example, SSL authenticates only the receiving server.

Answer 75

encryption

Question 76

What EMS command do you issue to set an Exchange-specific cost of 1000 on the IP site link MYLINK01?

Answer 76

You issue the Set-AdSiteLink -Identity MYLINK01 -ExchangeCost 1000 command.

Question 77

Email messages from your organization sent to an SMTP server on the Internet are rejected. How do you discover more about this problem?

Answer 77

You enable the Verbose setting in the protocol logging properties of your Send connector, and then check the information in the protocol log files.

Question 78

You want to resubmit messages queued on the server EX-03 after a routing problem has been solved. What EMS command do you issue?

Answer 78

The Retry-Queue -Identity “EX-03\Unreachable” -Resubmit $true command.

Question 79

What EMS command creates a certificate with an exportable private key and a subject name defined by Country/Region = UK, Organization = Contoso.com, and Common Name = mail.contoso.com:

Answer 79

The New-ExchangeCertificate –SubjectName “c=UK, o=contoso.com, cn=mail.contoso.com” –PrivateKeyExportable $true command.

Question 80

You are the Exchange administrator at Fabrikam. You want the Exchange Server 2010 SP1 server named FKM-HT01 that has the Hub Transport server role installed to receive email from the Internet. How should you configure permissions for the default Receive connector on this server?

Answer 80

You should select the Anonymous Users permission group.