Objective 5.5 Exchange 2010

Question 1

You need to know how to use protocol logging to log the SMTP communication between email servers that occurs as part of message delivery. You should know that this traffic is called SMTP ______ and that it occurs on Send connectors and Receive connectors configured on Hub Transport or Edge Transport servers.

Answer 1

conversations

Question 2

The exam might test that you know that protocol logging is ______ by default and is enabled or disabled on a per-connector basis, and that the Receive connectors (and the Send connectors) on a Hub Transport or Edge Transport server share the same protocol log files and protocol log options.

Answer 2

disabled

Question 3

You can use the ______ cmdlet to configure the intraorganization Send connector.

Answer 3

Set-TransportServer

Question 4

The following EMS command enables protocol logging for the intraorganization Send connector: ______.

Answer 4

Set-TransportServer –IntraOrgConnectorProtocolLoggingLevel Verbose

Question 5

The following command disables protocol logging for the intra-organization Send connector, if this has previously been enabled: ______.

Answer 5

Set-TransportServer –IntraOrgConnectorProtocolLoggingLevel None

Question 6

Note that you cannot use the ______ to enable or disable protocol logging for the intra-organization Send connector.

Answer 6

EMC

Question 7

You can use the EMS ______ or ______ to enable or disable protocol logging on a Receive or Send connector, respectively.

Answer 7

Set-ReceiveConnector, or

Set-SendConnector

Question 8

If you use the EMS, then, for example, the following command enables protocol logging for the Default VAN-EX2 Receive connector: ______.

Answer 8

Set-ReceiveConnector “Default VAN-EX2” -ProtocolLoggingLevel Verbose

Question 9

The following command disables protocol logging for the Send connector MySendConnector: ______.

Answer 9

Set-SendConnector MySendConnector -ProtocolLoggingLevel None

Question 10

The following command enables protocol logging for the intra-organization Send connector on the Hub Transport server VAN-EX1: ______.

Answer 10

Set-TransportServer –Identity VAN-EX1 –IntraOrgConnectorProtocolLoggingLevel Verbose

Question 11

You can access a connector’s Properties dialog box in the EMC to change its location. You can also use the ______ cmdlet.

Answer 11

Set-TransportServer

Question 12

Tthe following command moves the Receive connector protocol log directory to C:\ProtolcolLogs\Receive on the Hub Transport server VAN-EX1: ______.

Answer 12

Set-TransportServer –Identity VAN-EX1 -ReceiveProtocolLogPath C:\ProtocolLogs\Receive

Question 13

The following command moves the Send connector protocol log directory to C:\ProtolcolLogs\Send on the same server: ______.

Answer 13

Set-TransportServer –Identity VAN-EX1 -SendProtocolLogPath C:\ProtocolLogs\Send

Question 14

You cannot use the connector Properties dialog box in the EMC to set the maximum size of Receive connector and Send connector protocol log files, you must use the ______ cmdlet.

Answer 14

Set-TransportServer

Question 15

The following command sets the maximum size of Receive connector protocol log files to 15 MB on the Hub Transport server VAN-EX1: ______.

Answer 15

Set-TransportServer –Identity VAN-EX1 -ReceiveProtocolLogMaxFileSize 15MB

Question 16

To set the maximum size of Send connector protocol log files to 20 MB on the Edge Transport server DEN-EDGE1, you would enter the following command: ______.

Answer 16

Set-TransportServer –Identity DEN-EDGE1 -SendProtocolLogMaxFileSize 20MB

Question 17

Store logging provides a database ______ mechanism.

Answer 17

recovery

Question 18

Exchange store logging, or transaction logging, is an Extensible Storage Engine (ESE) recovery mechanism designed to restore an Exchange database to a ______ state after any sudden stoppage. The logging mechanism is also used when creating and restoring online backups.

Answer 18

consistent

Question 19

The exam might expect you to know that diagnostic logs such as agent logs can be configured with one of five logging levels: ______.

Answer 19

1. Lowest (the default),
2. Low,
3. Medium,
4. High, and
5. Expert.

Question 20

You should, however, be aware that protocol logging has only two logging levels: ______ and ______. Changing the diagnostic logging level for a given process can cause additional events to be written to the event log.

Answer 20

Verbose, and

None

Question 21

You can use the EMC Manage Diagnostic Logging Properties Wizard to configure logging levels. You can also use the EMS ______ cmdlet.

Answer 21

Set-EventLogLevel

Question 22

The following command changes the MSExchangeTransport\Agents logging level to High: ______.

Answer 22

Set-EventLogLevel -Identity “MSExchangeTransport\Agents” -Level High

Question 23

You need to know how you can use agent logs to record actions performed on a message by specified anti-spam agents that you have installed and configured on an Edge Transport or Hub Transport server. The exam might ask about the following agents that can write information to the agent log: ______.

Answer 23

1. The connection and content filter agents
2. The edge rules agent
3. The recipient and sender filter agents
4. The sender identity (ID) agent

Question 24

Transport agents act on messages at specific access points in the SMTP command sequence that transports messages through a Hub Transport server or Edge Transport server. These access points are called SMTP ______.

Answer 24

events

Question 25

The anti-spam agent logs on a Hub Transport server are located in the folder ______.

Answer 25

C:\Program Files\Microsoft\Exchange Server\V14\TransportRoles\Logs\AgentLog

Question 26

You can use commands based on the EMS ______ cmdlet on an Edge or Hub Transport server to access the information in an agent log.

Answer 26

Get-AgentLog

Question 27

The following command returns a report containing statistics collected between 09:00 (9:00 AM), October 4, 2011, and 18:00 (6:00 PM), November 5, 2011: ______.

Answer 27

Get-AgentLog -StartDate “10/04/2011 9:00:00 AM” -EndDate “11/05/2011 6:00:00 PM”

Question 28

You can use the EMS ______ script to search the agent logs and obtain anti-spam filtering statistics.

Answer 28

Get-AntiSpamFilteringReport.ps1

Question 29

You can enable or disable agent logging by modifying the Edge ______ file.

Answer 29

Transport.exe.config

Question 30

By default, agent logging is enabled on Hub Transport and Edge Transport servers. You can enable or disable agent logging by modifying the ______ key that is present in the EdgeTransport.exe.config file.

Answer 30

AgentLogEnabled

Question 31

You should be aware that message tracking records the SMTP ______ activity of all messages transferred to and from a Hub Transport, Edge Transport, or Mailbox server.

Answer 31

transport

Question 32

Message tracking is ______ by default on Hub Transport, Edge Transport, and Mailbox servers.

Answer 32

enabled

Question 33

You can use the EMC to disable or enable message tracking on Hub Transport and Edge Transport servers but not on ______ servers.

Answer 33

Mailbox

Question 34

You can use the ______ cmdlet to enable or disable message tracking on Mailbox servers.

Answer 34

Set-MailboxServer

Question 35

You can use the ______ cmdlet to enable or disable message tracking on Edge Transport and Hub Transport servers.

Answer 35

Set-TransportServer

Question 36

The following command disables message tracking on the Hub Transport server VAN-EX2: ______.

Answer 36

Set-TransportServer –Identity VAN-EX2 –MessageTrackingLogEnabled $false

Question 37

The following command enables message tracking on the Mailbox server VAN-EX1 (assuming this has previously been disabled): ______.

Answer 37

Set-MailboxServer –Identity VAN-EX1 –MessageTrackingLogEnabled $true

Question 38

You can use EMS commands to reconfigure the message tracking log location for all three server roles. For example, the following command changes the message tracking log location on the Hub Transport server VAN-EX2 to C:\Logfiles\MessageTracking: ______.

Answer 38

Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogPath C:\Logfiles\MessageTracking

Question 39

You can use the ______, ______, and ______ parameters to change the maximum size of each message tracking log file, to specify the maximum size of the message tracking log directory, and to configure maximum age for an individual message tracking log, respectively.

Answer 39

MessageTrackingLogMaxFileSize,

MessageTrackingLogMaxDirectorySize, and

MessageTrackingLogMaxAge

Question 40

The following command changes the maximum age of message tracking logs on the Mailbox server VAN-EX1 to 40 days: ______.

Answer 40

Set-MailboxServer –Identity VAN-EX1 -MessageTrackingLogMaxAge 40.00:00:00

Question 41

You can use the EMS but not the EMC to enable or disable message ______ logging in message tracking logs on Edge Transport, Hub Transport, and Mailbox servers.

Answer 41

subject

Question 42

The following command disables message subject logging in message tracking logs on the Hub Transport server VAN-EX2: ______.

Answer 42

Set-TransportServer –Identity VAN-EX2 -MessageTrackingLogSubjectLoggingEnabled $false

Question 43

______—one of the ExTRA tools in the EMS—provides details of all message activity as messages are transferred to and from an Exchange server that has the Hub Transport server role, the Mailbox server role, or the Edge Transport server role installed.

Answer 43

Tracking Log Explorer

Question 44

Exchange servers that have the Client Access server role or Unified Messaging server role installed (and none of the other three roles) do not have message ______ logs.

Answer 44

tracking

Question 45

You can also use the EMS ______ cmdlet to locate messages in a tracking log.

Answer 45

Get-MessageTrackingLog

Question 46

The following command accesses all messages with a RECEIVE EventID between the times and dates specified: ______.

Answer 46

Get-MessageTrackingLog –EventID RECEIVE –Start 3/18/2012 5:37:00 AM –End 3/18/2012 5:47:00 AM

Question 47

You might be tested on the use of the ______ cmdlet to change logging levels and the ______ cmdlet to display them.

Answer 47

Set-EventLogLevel,

Get-EventLogLevel

Question 48

You should know that Exchange 2010 records most of its events to the ______ log. However, some events are recorded in other event logs.

Answer 48

application

Question 49

You can use Event viewer to change the size of event logs and alter the path where the logs are stored. You can also use the Windows Server 2008 (and 2008 R2) ______ command-line tool.

Answer 49

Wevtutil

Question 50

The following command, entered in an elevated command prompt, changes the size of the Exchange Auditing log file to 100 MB: ______

Answer 50

Wevtutil sl “Exchange Auditing” /ms:104857600

Question 51

Exchange 2010 makes use of ______ channel logging.

Answer 51

crimson

Question 52

You can ______ EMS command output to a .txt or .csv file. By doing so, you create a file that can be analyzed by (for example) Microsoft Office Excel or third-party reporting software.

Answer 52

redirect

Question 53

You can choose to redirect output that has been previously formatted as a list or table and filtered by the FL or FT cmdlets, or you can use the facilities provided by the reporting software. The following command script creates a file called DecemberStats.csv for future analysis: ______.

Answer 53

Get-MailboxStatistics –Database “MBDB01” | Sort-Object TotalItemSize –Descending | FT > DecemberStats.csv

Question 54

What EMS command changes the maximum size of each message tracking log file on the hub transport server VAN-HUB1 to 25 MB?

Answer 54

The Set-TransportServer –Identity HUB-EX2 -MessageTrackingLogMaxFileSize 25MB command.

Question 55

You are responsible for managing an Exchange Server 2010 SP2 Hub Transport server named VAN-EX01 that supports message tracking. What actions can you take to change the location of the message tracking log file on that server?

Answer 55

You can change the Hub Transport server object properties in the EMC or use the EMS Set-TransportServer cmdlet.

Question 56

What EMS command returns a report containing statistics collected in an agent log between 08:00 hours on October 4, 2012, and 19:00 hours, November 5, 2012?

Answer 56

The Get-AgentLog -StartDate “10/04/2012 8:00:00 AM” -EndDate “11/05/2012 7:00:00 PM” command.

Question 57

An SMTP server on the Internet has rejected some email messages sent from your Exchange 2010 organization. What steps should you take to troubleshoot the problem?

Answer 57

You should access your organization’s Send connectors and enable protocol logging by setting the protocol logging level to Verbose. You should then check the protocol log files.

Question 58

What EMS command do you issue to enable protocol logging for the intraorganization Send connector on an Edge Transport server?

Answer 58

You issue the Set-TransportServer –IntraOrgConnectorProtocolLoggingLevel Verbose command.