Are you struggling for the 70-341 exam? Good news, GreatExam Microsoft technical experts have collected all the questions and answers which are updated to cover the knowledge points and enhance candidates’ abilities. We offer the latest 70-341 PDF and VCE dumps with new version VCE player for free download, and the new 70-341 practice test ensures your 70-341 exam 100% pass.
QUESTION 191
How would you disable the anti malware filtering and ensure that engine updates from microsoft are downloaded and updated.
A. Disable-Antimalwareagent.ps1
B. Set-malwarefilteringserver
C. Disable-Antimalwarescanning.ps1 (probable option)
D. Update-MalwareFilteringServer.ps1 (guessed option)
Answer: B
Explanation:
The Line in Bold and Italics is crucial to this question so pay attention!!!
Disable or Bypass Anti-Malware Scanning
Applies to: Exchange Server 2013
In Microsoft Exchange Server 2013, you can disable or bypass malware filtering of all email messages in transit on a server. This must be done on a Mailbox server.
You may want to disable Exchange 2013 malware filtering if you are using another product for malware filtering. When malware filtering is disabled, the Exchange malware agent is unhooked and not running, and engine updates are not kept up-to-date.
Important:
Bypassing malware filtering should only be done when troubleshooting a problem. When malware filtering is bypassed, the Exchange malware agent remains hooked, and engine updates are kept up-to-date. However, malware filtering is skipped while you attempt to resolve whatever problems you are encountering. After you have finished troubleshooting, you should restore malware filtering.
What do you need to know before you begin?
Estimated time to complete each procedure: 15 minutes
You can only use the Shell to perform this procedure.
Disabling or enabling malware filtering restarts the Microsoft Exchange Transport service on the server. This may temporarily disrupt mail flow in your organization.
Bypassing or restoring malware filtering doesn’t require you to restart any services. However, changes to the setting may take up to 10 minutes to take effect.
If you have multiple Exchange servers performing malware filtering, you must perform these steps on each server.
You need to be assigned permissions before you can perform this procedure or procedures. To see what permissions you need, see the “Anti-malware” entry in the Anti-Spam and Anti-Malware Permissions topic.
For information about keyboard shortcuts that may apply to the procedures in this topic, see Keyboard Shortcuts in the Exchange Admin Center.
Tip:
Having problems?
Ask for help in the Exchange forums. Visit the forums at: Exchange Server, Exchange Online, or Exchange Online Protection.
What do you want to do?
Use the Shell to disable malware filtering on a specific Exchange server
To disable malware filtering, run the following command:
Copy
& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1
Note:
To re-enable malware filtering, use Enable-Antimalwarescanning.ps1 instead of Disable-Antimalwarescanning.ps1.
How do you know this step worked?
To verify that malware filtering is disabled, run the following command and confirm that it returns a value of False:
Copy
Get-TransportAgent “Malware Agent”
Use the Shell to temporarily bypass malware filtering on a specific Exchange server
Important:
Bypassing malware filtering should only be done when troubleshooting a problem. You should restore malware filtering after you have finished troubleshooting.
To temporarily bypass malware filtering, run the following command:
Copy
Set-MalwareFilteringServer <ServerIdentity> -BypassFiltering $true
To restore malware filtering, run the following command:
Copy
Set-MalwareFilteringServer <ServerIdentity> -BypassFiltering $false
How do you know this step worked?
To verify that malware filtering is being bypassed, run the following command and confirm that it returns a value of True:
Copy
Get-MalwareFilteringServer | Format-List BypassFiltering
http://technet.microsoft.com/en-us/library/jj150526(v=exchg.150).aspx
http://www.ntweekly.com/?p=2813
To disable malware filtering, run the following command:& $env:ExchangeInstallPath\Scripts\Disable-Antimalwarescanning.ps1
QUESTION 192
You need to install and configure anti-spam and antimalware filtering.
Which servers should you install the anti-spam agents and enable the anti-spam and antimalware filtering? (Choose two)
A. You should install the anti-spam agents on the Client Access Servers only.
B. You should install the anti-spam agents on the Mailbox servers only.
C. You should install the anti-spam agents on the Client Access Servers and the Mailbox Servers.
D. You should enable antimalware filtering on the Client Access Servers only.
E. You should enable antimalware filtering on the Mailbox servers only.
F. You enable antimalware filtering on the Client Access Servers and the Mailbox Servers.
Answer: BE
Explanation:
http://howexchangeworks.com/2013/06/connection-filtering-in-exchange-2013.html
In Exchange 2013, the anti-spam agents can only be installed on the Mailbox role. But, the connection filtering which is very useful in fighting spam emails is not available in 2013.
Same goes for the attachment filter. Even though CAS proxies emails back and forth (if setup correctly), it is a stateless proxy and can’t have any anti-spam agents on it. http://www.jaapwesselius.com/2013/01/10/installing-exchange-server-2013-part-iii/
In Exchange 2013 the anti-spam functionality (through protocol agents) is running on the Mailbox Server and not on the Client Access Server so all mail, including all spam will hit the Mailbox Server when installed in a configuration as outlined in these blog post series. The anti-spam functionality is enabled using a Powershell script (.\EnableAntiSpamAgents.ps1) and offers Sender and Recipient filtering, content filtering, Sender Reputation and Sender ID filtering.
To activate the ant-spam agents on the Mailbox Server open the Exchange Management Shell and enter the following commands:
CD $Exscripts.\Install-AntiSpamAgents.ps1
http://www.tlglearning.com/LinkClick.aspx?fileticket=dnonu0glRr8%3D&tabid=238
You can’t enable the anti-spam agents on an Exchange 2013 Client Access Server http://social.technet.microsoft.com/Forums/exchange/en-US/5c9f1b51-4a93-4de4-964e-1f53afbb8e8b/how-toconfigure-attachment-filter-agent-on-exchange-2013-
The Malware Filter runs on every 2013 Mailbox server to protect against malware and viruses.
http://blogs.dirteam.com/blogs/davestork/archive/2012/12/06/exchange-and-malware-protection.aspx
QUESTION 193
Hotspot Question
Your company has an Exchange Server 2013 organization.
You configure domain security with a partner organization.
You configure the required connectors.
You plan to verify whether the partner organization configured the required settings for domain security.
You enable logging for the Send connectors and the Receive connectors.
You need to verify that the STARTTLS command is issued by an Exchange server when an email message is sent to the partner organization.
Which log folder should you review? (To answer, select the appropriate folder in the answer area.)
Answer:
QUESTION 194
Hotspot Question
Your company has an Exchange Server 2013 organization.
All servers have the Client Access server role and the Mailbox server role installed.
The DNS Manager is shown in the exhibit. (Click the Exhibit button.)
Use the drop-down menus to select the answer choice that completes each statement.
Answer:
QUESTION 195
Drag and Drop Question
You have an Exchange Server 2013 organization that contains a server named EX1.
EX1 has the Mailbox server role and the Client Access server role installed.
You plan to enable anti-spam protection on EX1.
You need to configure the message hygiene settings for email messages received from the Internet.
The solution must meet the following requirements:
– Place email messages that contain the word Contoso in a quarantine folder.
– Block all email messages sent to former employees who no longer work for the company.
– Reject all email messages sent from a source that has a sender reputation level (SRL) of 7 or greater.
What should you configure? (To answer, drag the appropriate transport objects to the correct requirements. Each object may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.)
Answer:
QUESTION 196
Your company has offices in New York, Paris, and Montreal.
An Active Directory site exists for each office.
You have an Exchange Server 2013 organization that contains two servers in each site.
One server in each site has the Mailbox server role installed and the other server in each site has the Client Access server role installed.
You need to ensure that all of the outbound email from each site is routed through the Client Access server in that site.
Which should you do?
A. Remove the Mailbox servers from the list of source servers on each Send connector.
B. Disable the Microsoft Exchange Transport service on each Mailbox server.
C. Run the Set-SendConnector cmdlet and specify the -FrontendProxyEnabted.True parameter.
D. Run the Set-TransportConfig cmdlet and specify the -InternatSMTPServers:$nult parameter.
Answer: C
Explanation:
http://exchangeserverpro.com/exchange-2013-front-end-proxy/
http://blogs.technet.com/b/exchange/archive/2013/01/25/exchange-2013-client-access-server-role.aspx
http://www.msexchange.org/articles-tutorials/exchange-server-2013/planning-architecture/exchange-2013-mail-flow-part3.html
QUESTION 197
You have an Exchange Server 2010 organization.
Users access Outlook Web App by using the name mail.contoso.com.
You deploy Exchange Server 2013 to the existing organization.
You change the DNS record of mail.contoso.com to point to an Exchange Server 2013 Client Access server.
The users report that they can no longer access their mailbox from Outlook Web App.
The OWA virtual directory in Exchange Server 2010 is configured as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that the users on Exchange Server 2010 can access Outlook Web App.
Which setting should you change?
A. WindowsAuthentication
B. FormsAuthentication
C. LegacyRedirectType
D. FailbackUri
Answer: A
Explanation:
Windows Authentication (NTLM) needs to be enabled on the Exchange 2010 Client Access Server to enable the Exchange 2013 Client Acess Server to proxy connections.
Exchange Server Deployment Assistant
Enable and configure Outlook Anywhere
To allow your Exchange 2013 Client Access server to proxy connections to your Exchange 2007 and Exchange 2010 servers, you must enable and configure Outlook Anywhere on all of the Exchange 2007 and Exchange 2010 servers in your organization. If some Exchange 2007 or Exchange 2010 servers in your organization are already configured to use Outlook Anywhere, their configuration must also be updated to support Exchange 2013. When you use the steps below to configure Outlook Anywhere, the following configuration is set on each Exchange 2007 and Exchange 2010 server:
The Outlook Anywhere external URL is set to the external hostname of the Exchange 2013 server.
Client authentication, which is used to allow clients like Outlook 2013 to authenticate with Exchange, is set to Basic.
Internet Information Services (IIS) authentication, which is used to allow Exchange servers to communicate, set to NTLM and Basic.
QUESTION 198
You have an Exchange Server 2013 organization that contains two Mailbox servers and two Client Access servers.
You have a database availability group (DAG) that contains both Mailbox servers.
You need to deploy public folders.
What should you do first?
A. Run the New-PublicFolderDatabase cmdlet and specify the -Server parameter.
B. Run the New-PublicFolder cmdlet and specify the -Path parameter.
C. Run the New-Mailbox cmdlet and specify the -Publicfolder parameter.
D. Run the New-MailboxDatabase cmdlet and specify the -PublicFotderDatabase parameter.
Answer: C
Explanation:
Set Up Public Folders in a New Organization
New-Mailbox -PublicFolder -Name MasterHierarchy
http://www.msexchange.org/articles-tutorials/exchange-server-2013/migration-deployment/migrating-publicfolders-exchange-2013-part1.html
http://www.msexchange.org/articles-tutorials/exchange-server-2013/migration-deployment/migrating-publicfolders-exchange-2013-part2.html
QUESTION 199
You have an Exchange Server 2013 organization.
You need to install the Hub Transport server role on a new server.
You install all the prerequisites for the Hub Transport role on the server.
What should you do next?
A. From Windows PowerShell, run the Add-WindowsFeature cmdlet.
B. From Windows PowerShell, run the Install-TransportAgent.ps1 script.
C. At the command prompt, run Setup.com /M:Install /R:HT.
D. At the command prompt, run ServerManagerCmd.exe -IP Exchange-HUB.xml.
Answer: C
QUESTION 200
You have an Exchange Server 2013 server that has the Mailbox, Hub Transport, and Client Access server roles installed.
You need to ensure that users can send and receive e-mail by using Windows Live Mail or Microsoft Outlook Express.
What should you do on the server?
A. Install and then configure the SMTP server feature.
B. Start the Microsoft Exchange POP3 service and then set the startup type to Automatic.
C. Modify the properties of the MSExchangePOP3 (TCP-in) Windows Firewall rule.
D. Modify the properties of the MSExchangeMailSubmission – RPC (TCP-in) Windows Firewall rule.
Answer: B
Explanation:
By default, pop3 is set to manual.
QUESTION 201
You have an Exchange Server 2013 server named Server1.
Server1 has a single mailbox database named DB1.
You configure deleted items to be retained for 30 days.
You need to ensure that each item that passes the retention period is removed daily between 2:00 and 6:00.
What should you do?
A. Run the Set-RetentionPolicy cmdlet.
B. Run the Start-ManagedFolderAssistant cmdlet.
C. Modify the maintenance schedule for DB1.
D. Modify the messaging records management (MRM) schedule for Server1.
Answer: C
Explanation:
In the question it says nothing about a Retention policy.
To configure deleted items to be retained for 30 days we can do it on a database level, using this cmdlet:
Set-MailboxDatabase -Identity “DB1” -DeletedItemRetention 30.00:00:00
And after the above, configure the maintenance of DB1 using the Set-MailboxDatabase cmdlet with the – MaintenanceSchedule parameter.
QUESTION 202
You have an Exchange Server 2013 organization.
You need to create a resource record in DNS to support Autodiscover from the Internet.
What type of resource record should you create?
A. Host (A)
B. Text (TXT)
C. Pointer (PTR)
D. Mail exchange (MX)
Answer: A
QUESTION 203
You have an Active Directory forest named contoso.com.
You install a new Exchange Server 2013 organization that contains a Client Access server named CAS1.
You need to configure certificates in the organization to support the following client connections:
Autodiscover Outlook Anywhere Exchange ActiveSync
What should you do?
A. Reissue a self-signed certificate to CAS1.
B. Configure the default Web site on CAS1 to require SSL.
C. Issue a trusted certificate that contains multiple subject alternate names.
D. Install Active Directory Rights Management Service (AD RMS) on a member server.
Answer: C
QUESTION 204
You have an Exchange Server 2013 organization.
The organization is authoritative for the domain contoso.com.
You create a federated trust.
You need to ensure that federated partners can automatically locate the Client Access servers in the organization.
What should you create from an external DNS server?
A. an A record for autodiscover.contoso.com
B. an A record for FederatedSharing.contoso.com
C. an SRV record for _autodiscover._TCP._msdcs.contoso.com
D. an SRV record for _FederatedSharing._UDP._msdcs.contoso.com
Answer: A
Explanation:
As mentioned in another question, this should actually be a CNAME record, according to Technet, but I left this in here as an A record for contoso.com would need creating before the CNAME for autodiscover.contoso.com. The exam will only mention CNAME records though.
QUESTION 205
You have an Exchange Server organization.
The organization contains a server named EX01 that has Exchange Server 2010 installed and a server named EX02 that has Exchange Server 2013 installed.
Your mailbox is hosted on EX01.
You need to access the Exchange Admin Center (EAC).
Which URL should you use?
A. https://EX01/ecp?ExchClientVer= 14
B. https://EX02/ecp?ExchClientVer= 15
C. https://EX02/eac?ExchClientVer=15
D. https://EX01/ecp?ExchCfientVer=15
Answer: B
Explanation:
http://technet.microsoft.com/en-us/library/jj150562(v=exchg.150).aspx
If you’re in a coexistence scenario, where you’re running Exchange 2010 and Exchange 2013 in the same organization, and your mailbox is still housed on the Exchange 2010 Mailbox server, the browser will default to the Exchange 2010 ECP.
You can access the EAC by adding the Exchange version to the URL.
For example, to access the EAC whose virtual directory is hosted on the Client Access server CAS15-NA, use the following URL: https://CAS15-NA/ecp?ExchClientVer=15.
Conversely, if you want to access the Exchange 2010 ECP and your mailbox resides on an Exchange 2013 Mailbox server, use the following URL:
https://CAS14-NA/ecp?ExchClientVer=14.
QUESTION 206
Your network contains an Active Directory forest named contoso.com.
The forest contains the domain controllers configured as shown in the following table.
You plan to deploy an Exchange Server 2013 organization to the forest
A company policy prevents administrators from logging on to DC2 to perform installations.
You need to prepare the Active Directory schema for the planned Exchange Server deployment.
You verify that your user account has all the required permissions to achieve the task.
The solution must minimize changes to the Active Directory infrastructure.
A. Move the schema master role to DC1, and then run Exchange setup.
B. Deploy a member server to contoso.com, and then move the server to the West site.
Run adprep.exe from the member server.
C. Log on to DC3 and then run Exchange setup.
D. Log on to any server in the West site, and then run Exchange setup.
Answer: A
Explanation:
Prepare Active Directory and domains for Exchange 2013. The first step in getting your organization ready for Exchange 2013 is to extend the Active Directory schema.
Exchange stores a lot of information in Active Directory but before it can do that, it needs to add and update classes, attributes, and other items. Before you extend your schema, there are a few things to keep in mind:
* The only way to extend the schema for Exchange is to use Setup.exe in Windows Command Prompt or use Exchange 2013 Setup. Other ways of extending the schema aren’t supported.
* The computer where you’ll run the command to extend the schema needs to be in the same Active Directory domain and site as the schema master.
We can accomplish this be by moving the schema master role to DC, and then run Exchange setup.
Incorrect answers:
Not B: Adprep is used to upgrade the Active Directory infrastructure forest to a newer version such as to Windows Server 2008. Adprep is not used for Exchange Server infrastructure changes. Not C: Exchange Setup must be run from the Schema master. DC3 does not have the schema master role.
Not D: Only DC2 in the West site has the Schema master role.
We cannot run Exchange Setup from the other servers in the West site.
https://technet.microsoft.com/en-us/library/bb125224%28v=exchg.150%29.aspx
QUESTION 207
You have an Exchange Server 2013 organization.
A new policy requires that all iPhone users access their on-premises mailbox by using the OWA for iPhone app.
You need to ensure that push notifications for the OWA for iPhone app are configured before the users install the app.
Which three actions should you perform? Each correct answer presents part of the solution.
A. Configure Microsoft Azure Active Directory Sync (Azure AD Sync).
B. Modify the EWS virtual directory.
C. Enable push notifications proxy.
D. Enroll in Microsoft Office 365 for business.
E. Modify the OWA virtual directory.
F. Set up on premises Exchange 2013 to Office 365 Authentication.
Answer: CDF
Explanation:
Configuring push notifications proxying for OWA for Devices
To enable push notifications, the admin must:
1. (D) Enroll your organization in Office 365 for business.
2. Update all on-premises servers to Exchange Server 2013 Cumulative Update 3 (CU3) or later.
3. (F) Set up On-premises Exchange 2013 to Office 365 Authentication
4. (C) Enable push notifications from the on-premises Exchange Server 2013 to Office 365 and verify that push notifications are working.
Incorrect answers:
Not A: There is no need to configure Microsoft Azure Active Directory Sync.
Not B: You do not have to modify the EWS virtual directory.
Not E: You do not have to modify the OWAvirtual directory.
https://technet.microsoft.com/en-us/library/dn511017%28v=exchg.150%29.aspx
QUESTION 208
You have an Exchange Server 2010 organization.
You deploy several Exchange Server 2013 servers to the organization and you deploy the required certificates.
You attempt to connect to an Exchange Server 2013 server by using Outlook Web App and you discover the error message shown in the exhibit (Click the Exhibit button.)
Exhibit: * Missing*
You need to prevent the error message from appearing when users access Outlook Web App on the new servers.
What should you do?
A. Remove the Exchange Server 2010 servers from the organization.
B. Run the Remove-ExchangeCertificate cmdlet.
C. From the Exchange Management Console, remove the certificates from the Exchange Server 2010 servers.
D. From the Exchange Admin Center, modify the properties of the OWA virtual directory.
Answer: B
Explanation:
We remove the Exchange Server 2010 servers certificates.
The certificates are removed with the Remove- ExchangeCertificate cmdlet.
Note that the Exchange 2010 SSL certificate can be re-used if it contains the correct namespaces. You can export the SSL certificate from Exchange 2010 and import it into Exchange 2013. However, if the names on the certificate are not correct, or the certificate is due to expire soon anyway, you may find it easier to simply acquire a new SSL certificate.
Incorrect answers:
Not A: We must remove the certificate for the Exchange Server 2010 servers. If you just remove the Exchange Server 2010 servers the certificates for them would still cause problems.
Not C: We cannot remove the certificates from the Exchange Management Console.
Not D: Modifying the OWA virtual directory would not address the certificate problem.
https://technet.microsoft.com/en-us/library/aa997569%28v=exchg.150%29.aspx
QUESTION 209
A company named Contoso, Ltd. has an Exchange Server 2013 organization that contains two servers.
Contoso has a subsidiary named Fabrikam, Inc.
All users have mailboxes in the Contoso organization.
You implement an address book policy (ABP) for the users from Fabrikam.
A company policy states that the users from Contoso must not be able to view the contact cards of the Fabrikam users.
You need to implement a solution to meet the requirement of the company policy.
Which two actions should you perform? Each correct answer presents part of the solution.
A. Run the New-TransportRule cmdlet
B. Modify the properties of the ABP.
C. Run the Set-TransportConfig cmdlet.
D. Run the Set-Mailbox cmdlet.
E. Install and Enable the Address Book Policy Routing agent.
F. Modify the properties of the global address list (GAL).
Answer: EF
Explanation:
F: First we modify the properties of GAL of the ABP so that only Fabrikam users can access the ABP.
An Address Book Policy consists of a subset of the various address objects that exist in the.
The resulting scope of an ABP is equal to that of the GAL contained in the policy, Note: Global address list (GAL) segmentation (also known as GAL segregation) is the process whereby administrators can segment users into specific populations to provide customized views of their organization’s GAL. Address book policies (ABPs) allow you to segment users into specific groups to provide customized views of your organization’s global address list (GAL). When creating an ABP, you assign a GAL, an offline address book (OAB), a room list, and one or more address lists to the policy. You can then assign the ABP to mailbox users, providing them with access to a customized GAL in Outlook and Outlook Web App. The goal is to provide a simpler mechanism to accomplish GAL segmentation for on- premises organizations that require multiple GALs. .
E: If you’re using ABPs, and you don’t want users in separate virtual organizations to view each other’s potentially private information, you can turn on the Address Book Policy Routing agent. The ABP Routing agent is a Transport agent that controls how recipients are resolved in your organization. When the ABP Routing agent is installed and configured, users that are assigned to different GALs appear as external recipients in that they can’t view external recipients’ contact cards.
Incorrect answers:
Not A: The New-TransportRule cmdlet is used to create transport rules in your organization, but transport rules does not affect the ABP.
Not B: The properties of the ABP would not affect which users can view contact information or not. This is decided by the GAL of the ABP.
Not C: The Set-TransportConfig cmdlet is used to modify the transport configuration settings for the whole Exchange organization, but it would not affect the ABP.
Not D: We can use the Set-Mailbox cmdlet with the AddressBookPolicy parameter to assign the ABP to users, but here the ABP is already implemented for the users (and we assume it has already been assigned to the users).
https://technet.microsoft.com/en-us/library/hh529948%28v=exchg.150%29.aspx
QUESTION 210
Your company has a main office and three branch offices.
You have an Exchange Server 2013 organization. The main office contains five Exchange servers. Each branch office contains two Exchange servers. All of the servers have all of the Exchange server roles installed. Each branch office contains one database availability group (DAG).
You need to recommend a load balancing solution for the branch offices. The solution must ensure that both servers in each office are the targets of all client connections.
What are two possible recommendations? Each correct answer presents a complete solution.
A. DNS round robin
B. Layer 4 hardware load balancers
C. CAS arrays
D. Network Load Balancing (NLB) clusters
Answer: BC
Explanation:
B: The use of hardware load balancers is still supported for Exchange 2013.
C: In Exchange 2010, Microsoft introduced the concept of a Client Access array.
After a Client Access array was configured for an Active Directory site, all Client Access servers in the site automatically became members of the array. In current builds of Exchange 2013, no configuration of a Client Access array is required, because the deployment of a load balanced and highly available service is much simpler.
Incorrect answers:
Not A: A: a DNS round robin could in theory be used entirely in place of a hardware load balancer – in fact it’s almost as effective as using Windows Network Load balancing.
However, DNS Round robin is in fact no load balancer.
Not D: Windows Network Load Balancing (WNLB) can’t be used on Exchange servers where mailbox DAGs are also being used because WNLB is incompatible with Windows failover clustering. If you’re using an Exchange 2013 DAG and you want to use WNLB, you need to have the Client Access server role and the Mailbox server role running on separate servers.
https://technet.microsoft.com/en-us/library/jj898588%28v=exchg.150%29.aspx
We ensure our new version 70-341 PDF and VCE dumps are 100% valid for passing exam, because GreatExam is the top IT certification study training materials vendor. Many candidates have passed exam with the help of GreatExam’s VCE or PDF dumps. GreatExam will update the study materials timely to make them be consistent with the current exam. Download the free demo on GreatExam, you can pass the exam easily.