- Home
- Server Administration
- Advanced Solutions of Microsoft Exchange Server 2013 (70-342)
6.
You need to verify if the installed SSL certificate for server01.contoso.com will work
with your Lync/Skype for business system with MTLS. Which certificates are valid?
(Choose all that apply.)
- A.Self-signed certificate with the FQDN of the server.
- B.Certificate issued by an internal Enterprise CA including the FQDN of the server.
- C.Certificate issued by a third-party including the HTTPS name (mail.contoso.com).
- D.Third-party certificate including the FQDN of the server.
- Answer & Explanation
- Report
Answer : [B, D]
Explanation :
Explanation :
|
A. Incorrect: A self-signed SSL certificate cannot be used for MTLS with Lync/Skype
for business. B. Correct: An Enterprise CA trusted by both systems with the FQDN of the server is valid. C. Incorrect: The UM services will use a FQDN rather than the defined HTTPS URLs and the communication will fail. D. Correct: A third-party CA trusted by both systems including the FQDN of the server is valid. |
7.
SIP secured communications appear to fail. You ask the networking team to check that
the correct ports are open. Which port is not required for SIP secured communications?
- A.5060
- B.5061
- C.5063
- D.5068
- Answer & Explanation
- Report
Answer : [A]
Explanation :
Explanation :
|
A. Correct: This port is used for unsecured SIP communications by the UM call router service. B. Incorrect: This port is used for SIP secured communications by the UM call router service. C. Incorrect: This port is used for SIP secured communications by the UM service. D. Incorrect: This port is used for SIP secured communications by the UM worker process. |
8.
The IP gateway is configured to connect to Exchange 2007 using an IP address. When
a user is migrated to Exchange 2013, the calls to UM never reach the UM call router
service on an Exchange 2013 server. Firewall rules are correct. Which of the following is
a possible resolution?
- A.Reconfigure the IP gateway to use the IP address of the Exchange 2013 server instead of the Exchange 2007 server.
- B.Reconfigure the IP gateway so it can use DNS resolution.
- C.Update the settings on the IP gateway to use the DNS name of the Exchange 2007 server.
- D.Verify that the SSL certificates are correctly configured on the Exchange 2013 servers.
- Answer & Explanation
- Report
Answer : [B]
Explanation :
Explanation :
|
A. Incorrect: This may allow the UM call to succeed for the user migrated, but is
likely to break UM for Exchange 2007 users. B. Correct: The redirect from the Exchange 2007 server will refer the IP gateway to a FQDN and port number of an Exchange 2013 UM call router. C. Incorrect: As the issue appeared to be the DNS-based redirection, this change may break communications with the Exchange 2007 UM server as well. D. Incorrect: As the IP gateway is using an IP address to communicate with the Exchange 2007 server, MTLS is not configured and working. |
9.
The final mailbox has been migrated to Exchange 2013 and your colleague switches off
the final Exchange 2010 UM servers without uninstallation. What issues may an administrator
see if the servers are not uninstalled correctly? (Choose all that apply.)
- A.No issues, this is the correct way to decommission the server.
- B.The UM servers may still appear in Exchange management tools and cause timeouts.
- C.A future upgrade to a newer Exchange version may not be possible without remediation.
- D.SSL certificate generation will fail.
- Answer & Explanation
- Report
Answer : [B, C]
Explanation :
Explanation :
|
A. Incorrect: The issues described in B and C are one of numerous issues that may occur. B. Correct: The list of Exchange servers returned by management tools will include the switched off UM servers and the tools may attempt to contact and interrogate the servers, causing timeouts and error messages. C. Correct: Just like Exchange 2013 cannot be installed into an organization that still has Exchange 2003 servers, the UM servers that have not been uninstalled properly will still appear to exist within the organization. This may prevent a future upgrade. D. Incorrect: SSL certificate generation does not depend on the availability of existing servers. |
10.
One winter’s day a supplier-level power failure occurs impacting the primary site. Staff
are sent home and your requirement is to bring Exchange Server online in the disaster
recovery site. What are the steps to do this when the file share witness is located in the
primary site and DatacenterActivationMode is set to DAGOnly? The alternative witness
server had been configured when the DAG was originally set up.
- A.Stop-DatabaseAvailabilityGroup -ActiveDirectorySite <PrimarySite> followed by Resume-DatabaseAvailabilityGroup -ActiveDirectorySite <SecondarySite>
- B.Stop-DatabaseAvailabilityGroup -ActiveDirectorySite <PrimarySite> followed by Start-DatabaseAvailabilityGroup -ActiveDirectorySite <SecondarySite> -WitnessServer FS1
- C.Stop-DatabaseAvailabilityGroup -ActiveDirectorySite <PrimarySite> followed by Restore-DatabaseAvailabilityGroup -ActiveDirectorySite <SecondarySite>
- D.Stop-DatabaseAvailabilityGroup -ActiveDirectorySite <PrimarySite> followed by Restore-DatabaseAvailabilityGroup -ActiveDirectorySite <SecondarySite> -WitnessServer FS1
- Answer & Explanation
- Report
Answer : [C]
Explanation :
Explanation :
|
A. Incorrect: Resume-DatabaseAvailabilityGroup is not a valid cmdlet. B. Incorrect: Start-DatabaseAvailabilityGroup is used to restart the DAG in the failed site that is back online again. It is not used to reduce the DAG to just the secondary site and bring the DAG online in the event of a failure. C. Correct: The correct commands are Stop-DatabaseAvailabilityGroup followed by Restore-DatabaseAvailabilityGroup. D. Incorrect: The question says the alternative witness server has already been set so it is not needed to be set again, but if it was needed it would be set as a property of the DAG with Set-DatabaseAvailabilityGroup –AlternateWitnessServer. |
|
|
||||||||||||||||||||||||||||
