70-662

You should view the event log and filter for error messages with an Event source of MSExchangeTransport. Exchange 2010 monitors memory and disk space resources on the transport servers. When a resource is low, it provides back pressure by rejecting e-mail from external domains and logs an error to the event log. The error has an Event source ofMSExchangeTransport. The error number identifies the resource that is low. For example, Error15006 indicates low disk space and Error 15007 indicates low memory.You should not use the Get-AgentLog cmdlet. The Get-AgentLog cmdlet retrieves the latest agentlog. An agent log is used to track actions taken on messages by anti-spam agents.You should not use the Get-MessageTrackingLog cmdlet. The Get-MessageTrackingLog cmdletprovides detailed information about a message's journey through the Exchange transport pipeline.It does not allow you to retrieve information about resource bottlenecks.You should not view the event log and filter for warning messages with an Event source ofResource Manager. You need to filter for an error message with an Event source ofMSExchangeTransport. The messages will have an Event category set to Resource Manager.

You should use the Set-CalendarProcessing cmdlet. The Set-CalendarProcessing cmdletallows you to configure how calendars behave for a mailbox. You can run this cmdlet for thetraining room's mailbox to customize its properties. To ensure that all requests are tentativeuntil they are approved, you can set the AddNewRequestsTentatively parameter to $true.You should not use the Set-MailboxCalendarConfiguration cmdlet. This cmdlet is used tomanage how calendars are handled for Outlook Web App users.You should not use the Set-CalendarNotification cmdlet. This cmdlet allows you to configurehow a user is notified regarding calendar events.You should not use the New-InboxRule cmdlet. This cmdlet allows you to create an Inboxrule that can be applied to perform actions against incoming Inbox items.

You should increase the timeout on the firewall. ActiveSync devices support Direct Push.When a mobile device uses Direct Push, it initiates a long-lived HTTPS request to the ClientAccess server. The Client Access server sends any updates that occur during the length of the request to the mobile device. If no update is necessary by the time the request expires,the server sends a message to the mobile device. After an update or a message that therewas no update is received, the mobile device sends another HTTPS request. If the firewallhas a short timeout value, it will cause mobile devices to send requests more frequently,thus decreasing battery life.You should not configure an ActiveSync policy that requires manual synchronization whileroaming. Configuring this option will reduce roaming charges and possibly batteryconsumption. However, mailboxes will not be automatically synchronized when the user isroaming.You should not decrease the Maximum inactivity time lock in the default ActiveSync policy.When a mobile device uses Direct Push, it initiates a long-lived HTTPS request to the ClientAccess server. The Client Access server sends any updates that occur during the length ofthe request to the mobile device. If no update is necessary by the time the request expires,the server sends a message to the mobile device. After an update or a message that therewas no update is received, the mobile device sends another HTTPS request. If the firewallhas a short timeout value, it will cause mobile devices to send requests more frequently,thus decreasing battery life.You should not configure an ActiveSync policy that requires manual synchronization whileroaming. Configuring this option will reduce roaming charges and possibly batteryconsumption. However, mailboxes will not be automatically synchronized when the user isroaming.You should not decrease the Maximum inactivity time lock in the default ActiveSync policy.This setting affects the duration for locking the mobile device due to inactivity. It does not affect battery consumption.You should not increase the Policy refresh interval in the default ActiveSync policy. The policy refresh interval impacts how frequently ActiveSync Mailbox policy is refreshed.

You should use Active Directory Users and Computers to reset the computer account of the failed server. You must reset the computer account to so that it can be associated with thenew server when the new server is joined to the domain. You can use either Active DirectoryUsers and Computers or dsmod to reset the computer account.

You should give the server the same name as the failed server. By giving the server thesame name as the failed server, it can be associated with the reset computer account whenit is joined to the domain. Because Exchange configuration information is stored in ActiveDirectory, it is essential for the new server to be associated with the existing computer account.

You should not use Active Directory Users and Computers to delete the computer account of the failed server. If you delete the computer account of the failed server, the Exchange configuration information will be lost.

You should not give the server a different name than the failed server. If the new server has a different name than the failed server, it will not be associated with the computer accountwhen it is joined to the domain.

You should configure a legacy host name on the Client Access server. Users need to be ableto continue to access their mail by using OWA. To avoid reconfiguring clients who use OWA,you need to assign the current host name to the new Client Access server. The Client Accessserver will redirect requests for mailboxes still on Exchange 2003 to an Exchange 2003Client Access server by using a legacy URL.

You do not need to suppress link state updates on all Exchange 2003 servers. You suppress link state updates when you add an Exchange 2010 Hub Transport server to an Exchange2003 organization. Exchange 2003 used routing groups to route mail. Exchange 2007 andExchange 2010 use IP site links configured in Active Directory. Link state updates are used to keep Exchange 2003 servers up-to-date with routing topology information. However, since Exchange 2007 and Exchange 2010 servers do not participate in these updates, failing to suppress them can cause routing loops.

You should not decommission the Exchange 2003 Client Access server at the site. The Exchange 2003 Client Access server will need to remain on the network until all mailboxes have been moved to Exchange 2010.

You do not need to install an Exchange 2010 Hub Transport server at the same site as the Client Access server. An Exchange 2010 Client Access server can coexist with Exchange 2003servers. Also, the Hub Transport server is responsible for transporting messages to aMailbox server and does not impact the clients' ability to access their mail using OWA.

• You should use the Add-RoleGroupMember cmdlet to add Carol to the Recipient Management role group. The Add-RoleGroupMember cmdlet is used to add a user to a role group. TheRecipient Management built-in role group provides the ability to manage recipients within theExchange organization. It also provides the ability to perform message tracking as required in this case. For example, in this case, you would run the following cmdlet:Add-RoleGroupMember "Recipient Management" -Member Carol
• You should not make Carol the owner of all of the organization's distribution groups. Thiswould allow her to manage all the distribution groups, but would not allow her to add,modify, or delete recipients or perform message tracking.You should not assign Carol's account to the Exchange Recipient Administrator role. This role is not used with Exchange 2010. Exchange 2010 uses a new role-based access control model to manage what users can or cannot do.
• You should not use the Add-ManagementRoleEntry cmdlet to create a role entry for Carol.The Add-ManagementRoleEntry cmdlet is used to add a role entry to a management role.You can add a role entry to an existing role to allow users assigned to the role permission toperform additional tasks or access additional cmdlets. You would use the Add-ManagementRoleEntry cmdlet and specify the cmdlets and parameters that members of the specified role should be able to use. You might use this to provide more customization for permissions, but it would not allow Carol to manage recipients within your Exchange organization.

You should create an organization relationship. An organization relationship allows you toshare free/busy data with an external federated business partner. You can create anorganization relationship by using the Exchange Management Console or by using the New-OrganizationRelationship cmdlet.

You should not create a sharing policy. Sharing policies can be used to allow Exchange usersto control what mailbox information is shared. The user would be allowed to send sharinginvitations to specific external users.

You should not create a role entry. Exchange 2010 uses a new role-based access controlmodel to manage what users can or cannot do. You can add a role entry to an existing roleto allow users assigned to the role permission to perform additional tasks or accessadditional cmdlets. Roles and role entries are not used to implement federated sharing.

You should not create a custom role assignment policy. Role assignment policies are used tocontrol what a user can do with his own mailbox, not to implement federated sharing.

You should resubmit the messages using Queue Viewer. If a message is put in the poisonmessage queue, it is not automatically resubmitted. One way to resubmit the message is touse the Queue Viewer.

You could also execute Resume-Message to resubmit a message in the poison messagequeue.

You should not execute Retry-Queue. The Retry-Queue cmdlet can be used to resubmit amessage in the unreachable queue or in a mail delivery queue, but not in the poisonmessage queue.

You should not execute Retry-Queue with the Resubmit parameter. Doing so will resubmit amessage in the unreachable queue or in a mail delivery queue, but not in the poisonmessage queue.

You should not restart the Hub Transport service. Restarting the Hub Transport service does not cause messages in the poison message queue or in the undeliverable queue to beresubmitted.

You should create a replica on another public folder database. Public folder replication allowsyou to provide high availability for a public folder. You can use the Set-PublicFolder cmdletwith the Replicas parameter to specify the public folder database(s) that should receive acopy of the public folder.

You should not create a recovery database. A recovery database is a specialized mailboxdatabase that is used for recovery of lost mailbox database data. You restore a mailboxdatabase to a recovery database, and then you can use the Restore-Mailbox cmdlet to retrieve data from it.

You should not implement LCR. LCR was used in Exchange 2007 to allow two identical copiesof a mailbox database to reside on one server. This provided the ability to recover if one ofthe mailbox databases became corrupt.

You should not implement a DAG. A DAG is a collection of up to 16 Mailbox servers that canbe used to replicate mailbox databases to make them highly available by providing failovercapability. If one of the Mailbox servers in the DAG fails, the original Mailbox server wouldfail over to one of the other Mailbox servers in the DAG.

You should create a distribution group named CanDecrypt and configure it as Super Users in the AD RMS cluster. You should also add FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042 to the CanDecrypt distribution group. The OutlookWeb App Decryption Agent requires that the federated mailbox be added to a distributiongroup that is configured as Super Users in the AD RMS cluster.

You should not add the Outlook Web App users to the CanDecrypt distribution group. The users who connect through Outlook Web App do not need to belong to a group that is configured as Super Users in AD RMS. The messages are decrypted by the Outlook Web AppDecryption Agent.

You should not install a certificate on the Client Access server. The Client Access server does not require a certificate to decrypt messages protected by IRM.You should not install a certificate on each client computer. The client computers do not require a certificate to decrypt messages protected by IRM.

You should add the users to the Discovery role group. Members of the Discovery role group are assigned the Legal Hold role, which allows them to prevent a message from being deleted due to the retention policy. They are also assigned the Mailbox Search role, which allows them to search the mailboxes for messages that meet specific conditions.

You should not create a role assignment policy. A role assignment policy is used to identifythe actions a user can perform on his or her mailbox.

You should not assign the users the Legal Hold role. The Legal Hold role allows users toprevent a message from being deleted due to the retention policy. However, it does notgrant the necessary permissions to search all mailboxes.

You should not add the users to the Records Management role group. Members of theRecords Management role group can manage transport rules, journaling rules, and retention policies. They can also view logs and track messages. They cannot search mailboxes or execute a legal hold on messages.

You should use the Set-TransportServer cmdlet. This allows you to modify the configurationfor a transport server, such as HubServer1 in this case. You would modify theTransientFailureRetryInterval parameter for HubServer1.

You should not use the Retry-Queue cmdlet. This cmdlet is used to attempt to forcibly resubmit messages currently in a message queue.

You should not use the Set-TransportConfig cmdlet. This cmdlet is used to modify transportconfigurations for the entire Exchange environment, not just a single transport server.

You should not use the New-UMMailboxPolicy. This cmdlet is used to create a UnifiedMessaging mailbox policy.

You should use the Get-MailboxFolderStatistics cmdlet. The Get-MailboxFolderStatistics returns information about folders within a mailbox. The Identity parameter specifies which mailbox to search, and the FolderScope parameter identifies what folders to search within the mailbox. For example, in this case, you could use the following cmdlet to return information about Tina's Inbox: Get-MailboxFolderStatistics -Identity Tina -FolderScope Inbox

You should not use the Get-MailboxDatabase cmdlet. The Get-MailboxDatabase cmdletreturns information from mailbox databases on a mail server, not information about folderswithin user mailboxes.

You should not use the Get-MailboxStatistics cmdlet. The Get-MailboxStatistics cmdletretrieves information about mailboxes, such as their size, how many items they contain, orwhen they were last accessed. It does not return information about folders within usermailboxes.

You should not use the Get-Mailbox cmdlet. The Get-Mailbox cmdlet retrieves informationabout mailboxes, not information about folders within user mailboxes.

• You should use the following cmdlet:
• Restore-Mailbox -Identity Steve -RecoveryDatabase RecoveryDB1 -RecoveryMailbox Ann -TargetFolder MyRecoveryFolder
• You can use the Restore-Mailbox cmdlet to retrieve data from a recovery database. The Identity parameter specifies the mailbox to which the data will be retrieved. TheRecoveryDatabase parameter specifies the name of the previously created and populatedrecovery database. The RecoveryMailbox parameter specifies the mailbox in the recoverydatabase that should be recovered. The TargetFolder parameter specifies a new folder namethat is created to hold the recovered data in the target mailbox.

You should not use the following cmdlet:Restore-Mailbox -Identity Ann -RecoveryDatabase RecoveryDB1 -RecoveryMailbox Steve -TargetFolder MyRecoveryFolder This cmdlet specifies Ann as the target mailbox and Steve as the mailbox to recover. This is the opposite of what you need.

You should not use the following cmdlet: Restore-Mailbox -Identity Steve -RecoveryDatabase RecoveryDB1 -RecoveryMailbox Ann This cmdlet does not specify a TargetFolder parameter, which is required when you recover one mailbox to a different mailbox. You can specify the same mailbox for both the Identityand RecoveryMailbox parameters. When doing so, the TargetFolder parameter is not required, and the recovered data is merged into the existing mailbox.

You should not use the following cmdlet:Restore-Mailbox -Identity Ann -RecoveryDatabase RecoveryDB1 -RecoveryMailbox SteveThis cmdlet specifies Ann as the target mailbox and Steve as the mailbox to recover. This is the opposite of what you need. In addition, this cmdlet does not specify a TargetFolderparameter, which is required when you recover one mailbox to a different mailbox.

You should install Microsoft Forefront Security on the Edge Transport, Hub Transport, andMailbox servers. Forefront Security provides antivirus capabilities. When a message isscanned, it is stamped by Forefront. When a stamped message arrives in a queue on another server, it is not rescanned; thus eliminating redundant virus scans and reducing resource consumption.

You should not install Microsoft Forefront Security only on the Edge Transport server.Messages sent to internal users by internal users do not travel through the Edge Transportserver. Therefore, they would not be scanned for viruses.

Enabling content filtering and attachment filtering will not cause messages to be scanned forviruses. Content filtering performs anti-spam filtering based on the characteristics of themessage. Attachment filtering allows you to reject specific types of attachments.

You should create a custom address list for each branch office. Creating a custom addresslist for each branch office would allow each branch office employee to easily select arecipient from their branch office. You can specify the users that should be included in eachcustom address list. If the user needed to send a message to a user in a different branch,they could access the global address list (GAL), which would contain all recipients in theorganization.

You should not create a global address list for each branch office. The GAL contains all recipients in the Active Directory forest.


You should not create a custom address list for the entire organization. This would include all users in a single address list, and would make it more difficult to select recipients when sending messages to other users in the same branch office.

You should not create a default address list for each branch office. You cannot create additional default address lists. Default address lists are created, automatically populated,and automatically maintained by Exchange. Exchange creates the following default addresslists: All Contacts, All Groups, All Rooms, All Users, Default Global Address List, and PublicFolders.

You should create an exclusive scope. You associate an exclusive scope with a roleassignment to ensure that only users who belong to that role assignment are allowed toperform actions on the objects covered by the scope. In this example, you would create arole assignment that includes mailbox administrators who have security clearance and anexclusive scope that includes the mailboxes of users in the SpecialProjects department.You should not create a regular scope. A regular scope does not exclude users who aregranted management permission through another role assignment from managing the objects.You should not create a role assignment policy. A role assignment policy is used to identifythe actions a user can perform on his or her mailbox.Creating a role group is not sufficient to meet the requirements. A role group is a universalgroup that contains members who should be granted a role assignment. While you mightcreate a role group to make managing the members of the exclusive role assignment easier,doing so will not meet the requirements.

You should run the Mail Flow Troubleshooter. The Mail Flow Troubleshooter can be used to determine why mail is not being sent or received or to determine the reason for other mail problems, such as why mail delivery is delayed. You can select the issues that you are experiencing, and the Mail Flow Troubleshooter will analyze the problem and make suggestions about how to correct the problem.

You should not run the Exchange Best Practices Analyzer (ExBPA). ExBPA analyzes anExchange installation and identifies potential problems with the topology. You would run theExBPA after completing an Exchange installation.

You should not run the Remote Connectivity Analyzer. The Exchange Remote ConnectivityAnalyzer Tool performs several connectivity tests and uses the results to analyze possibleconnectivity situations to facilitate resolving connectivity issues. It is a Web-based tool thatyou can use to troubleshoot connectivity issues, such as SMTP connectivity problems,ActiveSync connectivity problems, or Outlook Anywhere connectivity problems.

You should not review the message tracking log file. Although you could review the trackinglog file, this would not be the best choice because it would require much more effort thanusing the Mail Flow Troubleshooter would. The tracking log file contains detailed informationabout all messages.

• You should run the Set-TransportServer cmdlet to set the MessageExpirationTimeoutparameter. The Set-TransportServer cmdlet is used to modify the configuration settings for an Edge Transport or Hub Transport server. The MessageExpirationTimeout parameter represents how long a message can remain in the message queue before it is considered a permanent failure and returned to the sender. The MessageExpirationTimeout parameter is specified with a format of dd.hh:mm:ss. In this case, to meet the requirement of only allowing messages to remain in the queue for three hours, you would run the following cmdlet on the Edge transport server:
• Set-TransportServer -MessageExpirationTimeout 00.03:00:00

You should not run the Set-TransportServer cmdlet to set the MessageRetryInterval parameter. The MessageRetryInterval parameter represents the amount of time the server waits after failing to connect to a remote server before retrying.

You should not export Server03's configuration to an XML file, modify the XML file, and reimport it. You do not modify transport server settings by using this approach. You can export the configuration of one server and import it to another Edge Transport server to create an identical server configuration. But, you would not export and re-import on the same server.

You should not use Microsoft Exchange Management Console to modify the Transient failure retry attempts setting. The Transient failure retry attempts setting defines a limit for the number of times the server retries after the connection with a remote server is lost. It does not affect how long messages can remain in the message queue. In Exchange ManagementConsole, you can use the Limits tab and set the Maximum time since submission (days)option to control how long messages can remain in the queue, but you can only use day intervals, not hours as required in this case.

You should use Set-TransportServer. The -ConnectivityLogMaxAge option allows you to set the maximum age for a connectivity log file. When the maximum age is reached, the file willbe deleted.

• You should not use Exchange Management Console. You can use Exchange ManagementConsole to enable connectivity logging, disable connectivity logging, or change the log file location. You cannot set the maximum age or maximum file size by using Exchange Management Console.
• You should not use Event Viewer. The connectivity log file is not an Event Viewer log file.Therefore, you cannot configure its maximum age using Event Viewer.
• You should not use Set-AdminAuditLogConfig. This cmdlet allows you to enable auditing ofExchange Shell Management utility usage.

You should use the Move-DatabasePath cmdlet. This cmdlet allows you to change the storage path for the mailbox database and the log files to a different location on the same server.The database will automatically be dismounted while the files are being moved.

You should not use the Set-MailboxDatabase cmdlet. This cmdlet allows you to set propertieson a mailbox database, not move the files to a new location.

You should not use the New-MoveRequest cmdlet. This cmdlet is used to move one or moremailboxes to a new mailbox database on the same server or on a different server.

You should not use the Move-Mailbox cmdlet. This cmdlet was used in earlier versions ofExchange to move mailboxes from one database to another. It has been deprecated in Exchange 2010.

• You should execute:Test-ServiceHealth
• The Test-ServiceHealth cmdlet verifies that all services necessary for Exchange to perform the configured roles are started. You do not need to specify the roles. All installed roles will be checked.

• You should not execute:Test-SystemHealth
• The Test-SystemHealth cmdlet is used to check whether the Exchange server is configured according to best practices.

• You should not execute:Test-SystemHealth -Roles HT,CA
• The Test-SystemHealth cmdlet is used to check whether the Exchange server is configured according to best practices. Also, the -Roles option is for internal Microsoft use.

• You cannot execute:Test-ServiceHealth -Roles HT,CA
• The Test-ServiceHealth cmdlet does not have a -Roles option. The services necessary for alli nstalled roles are checked.