Microsoft Microsoft Certifications MS-203 Questions & Answers

• Question 51:

  Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

  others might not have a correct solution.

  After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

  Your company has a Microsoft Exchange Server 2019 hybrid deployment that contains two Mailbox servers named MBX1 and MBX2.

  The company has the departments shown in the following table.

  

  From the on-premises organization, outbound email is sent directly to the Internet by using DNS lookups.

  You are informed that some sales department users send email messages that are identified as spam.

  You need to automatically block the sales department users from repeatedly sending spam.

  Solution: You migrate all the mailboxes of the sales department to Exchange Online.

  Does this meet the goal?

  A. yes

  B. No

  Correct Answer: A

  Exchange Online Protection (EOP) will scan outbound messages from Exchange Online mailboxes.

• Question 52:

  You have a Microsoft Exchange Online tenant that has Office 365 Advanced Threat Protection (ATP) enabled.

  The tenant contains a user named Ben Smith who has a UPN of ben.smith@fabrikam.com. Ben Smith is protected by using an ATP anti-phishing policy.

  Ben Smith reports that emails sent from his personal account of ben.smith@relecloud.com are not delivered to his work email account.

  You need to ensure that personal emails are delivered to the ben.smith@fabrikam.com

  What should you do?

  A. Create a transport rule to assign the MS-Exchange-Organization-PhishThresholdLevel header a value of 2 for the message received from ben.smith@relecloud.com

  B. Add ben.smith@fabrikam.com as a trusted sender to the ATP anti-phishing policy.

  C. Add ben.smith@relecloud.com as a trusted sender to the ATP anti phishing.

  D. Add relecloud.com to the ATP anti-phishing list of misted domains.

  Correct Answer: C

  Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-atp-anti-phishing-policies?view=o365-worldwide

• Question 53:

  You have a Microsoft Exchange Server 2019 organization.

  You add 100 new users and create a mailbox for each user. The new users have the City attribute in Active Directory set to Seattle.

  You need to create a separate global address list (GAL) that contains only users who have the City attribute set to Seattle. The solution must ensure that any new users who have the City attribute of Seattle are added automatically to the new

  GAL.

  What should you do?

  A. From the Azure Active Directory admin center, create an Office 365 group that uses a dynamic membership rule.

  B. From the Exchange admin center, create a new GAL.

  C. Run the New-EmailAddressPolicy cmdlet to create a new email address policy that uses a recipient filter.

  D. Run the New-GlobalAddressList cmdlet to create a new address list.

  Correct Answer: D

  Reference: https://docs.microsoft.com/en-us/exchange/address-books/address-lists/address-lists

• Question 54:

  You have a Microsoft Exchange Server 2019 hybrid deployment.

  You plan to implement Hybrid Modern Authentication (HMA).

  You retrieve the Exchange virtual directory settings, and you discover the following output.

  

  You need to prepare the virtual directories for the planned implementation of HMA. What should you do?

  A. Add OAuth as an authentication method.

  B. Remove NTLM as an authentication method.

  C. Delete https://mail.contoso.com from the ExternalUrl value.

  D. Modify the InternalUrl value to http://mail.contoso.com.

  Correct Answer: A

  Reference: https://docs.microsoft.com/en-us/microsoft-365/enterprise/configure-exchange-server-for-hybrid-modernauthentication?view=o365-worldwide

• Question 55:

  Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while

  others might not have a correct solution.

  After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

  You have a Microsoft Exchange Online tenant that uses an email domain named contoso.com.

  You need to prevent all users from performing the following tasks:

  Sending out-of-office replies to an email domain named fabrikam.com. Sending automatic replies to an email domain named adatum.com.

  The solution must ensure that all the users can send out-of-office replies and automatic replies to other email domains on the internet.

  Solution: You create two new remote domains.

  Does this meet the goal?

  A. Yes

  B. No

  Correct Answer: A

  Reference: https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/remote-domains/remote-domains

• Question 56:

  You have a Microsoft Exchange Server 2019 organization that uses an Edge Server.

  You plan to implement a hybrid deployment between Exchange Online and Exchange Server.

  You need to ensure that all the email between Exchange Online and Exchange Server 2019 is sent by using the Edge Server.

  Which two hybrid configuration topologies could you deploy to meet the requirements? Each correct answer presents a complete solution.

  A. Modern Minimal

  B. Classic Minimal

  C. Classic Full

  D. Classic Express

  E. Modern Full

  Correct Answer: CE

  Reference: https://www.enowsoftware.com/solutions-engine/what-are-your-exchange-hybrid-options

• Question 57:

  Your company has a Microsoft Exchange Server 2019 organization that contains two servers in a database availability group (DAG).

  The customer service department at the company uses public folders to receive customer communications.

  Only users in the customer service department can read items in the folders.

  For a new customer, you create a mail-enabled public folder that has the default settings.

  The customer reports that when she sends an email message to the email address of the public folder, she receives a non-delivery report (NDR).

  You need to ensure that the public folder can receive email.

  Which public permissions should you configure in Microsoft Outlook?

  A. Grant the Author permission to the Default group

  B. Grant the Author permission to the Anonymous group

  C. Grant the Create items permission to the Anonymous group

  D. Grant the Create items permission to the Default group

  Correct Answer: C

  Reference: https://docs.microsoft.com/en-us/exchange/collaboration/public-folders/mail-enable-or-disable?view=exchserver-2019

• Question 58:

  Your on-premises network contains a proxy server and a firewall. The proxy server is configured to inspect the contents of HTTP and HTTPS sessions to identify disallowed content. Only the proxy server can connect to the internet through

  the firewall.

  You implement Microsoft Exchange Online.

  Users report that they receive an error message when they attempt to connect to their mailbox by using Microsoft Outlook.

  From the internal network, you connect to https://outlookoffice.com/mail and discover a certificate error.

  You discover that the certificate error contains information about a certificate issued by your company's internal certification authority (CA).

  You need to ensure that all the users can connect successfully to their mailbox.

  What should you do?

  A. Install a new root CA certificate on the client computer of each user.

  B. Configure client computers to bypass the proxy server when they access https://*.microsoft.com.

  C. Disable HTTPS content inspection on the proxy server.

  D. Install a new root CA certificate on the proxy server.

  Correct Answer: D

  Reference: https://docs.microsoft.com/en-us/outlook/troubleshoot/connectivity/error-when-outlook-uses-rpc-https-connectserver

• Question 59:

  You have 1,000 user accounts that are each licensed for Microsoft 365. Each user account has a Microsoft Exchange Online mailbox.

  Ten of the user accounts are configured as service accounts for applications. The applications send event notifications to the mailboxes of the service accounts by using SMTP. The developers of each application have delegated access to the mailbox of their respective application. You need to ensure that all the event notifications sent by the applications are retained in the service account mailboxes so that new developers can review older notifications. The developers must be able to view only the notifications for their

  respective application. What should you do?

  A. Replace the service account mailboxes with a single user mailbox that contains a folder for each application.

  B. Replace the service account mailboxes with a single user mailbox that contains Power Automate rules.

  C. Convert the service account mailboxes into shared mailboxes.

  D. Convert the service account mailboxes into mail-enabled users.

  Correct Answer: C

• Question 60:

  You have a hybrid deployment that contains a Microsoft exchange Online tenant and anon premises Exchange Server 2019 server named Server1. Alt users use an email address suffix of @contoso.com.

  On Server1, you create a new mailbox that uses an email address of user1@contoso.com

  Users hosted in Exchange Online report that they receive a non-delivery report (NDR) When they attempt to send email messages to user1@contoso.com. The NDR contains the following text: "User1 wasn't found at contoso.com."

  You verify that the Exchange Online users can send email successfully to the other mailboxes hosted on Server1. Users hosted on Server1 can send email to user1@contoso.com successfully.

  You need to identify what causes the email delivery to fail. What should you use?

  A. the Azure Active Directory admin center

  B. the Exchange admin center

  C. Azure AD Connect Health

  D. the on-premises Exchange admin center

  Correct Answer: C

  It's likely that the new user account hasn't replicated to Azure Active Directory. Azure AD Connect is responsible for account replication between on-prem AD and Azure AD.