Objective 3.1 Exchange 2010 Flashcards
Objective 3.1: Configure POP, IMAP, and Microsoft ActiveSync. (36 cards)
You should be aware that Outlook defaults to ______ when interacting with Exchange Server 2010 SP1 or SP2.
RPC
To support POP3 and IMAP4 traffic, you need to enable both these services on the ______ server and ensure that you configure the mailbox user’s settings to allow access to their mailbox by using the appropriate protocol.
Client Access
You use the Services Console to start and start and stop the POP3 and IMAP4 services on a ______ server. Typically you would set the service startup type to Automatic.
Client Access
Unencrypted POP3 traffic uses TCP port 110, POP3 traffic encrypted with SSL uses port ______. Unencrypted IMAP4 traffic uses TCP port 143, IMAP4 traffic encrypted with SSL uses port ______.
995,
993
You can enable IMAP4 or POP3 for a specific user mailbox by editing the user’s mailbox ______ dialog box.
Properties
You can use the EMC to access the Properties dialog box for POP3 or IMAP4 and specify an X.509 certificate name on the ______ tab. You can also use the EMS Set-PopSettings or Set-ImapSettings cmdlet, as appropriate. The following command configures the POP3 service on server VAN-EX1 to use TLS or SSL security, and specifies that a certificate named MyCert01 is used for that purpose: ______.
Authentication,
Set-PopSettings -server VAN-EX1 -X509CertificateName MyCert01
Outlook Express and Windows Live Mail use ______ to access user mailboxes. To ensure email availability to recipients who are using these clients, you need to configure this service to start automatically.
POP3
When you install Exchange Server 2010 SP1 OR SP2 on a computer, this installs a default ______ certificate.
self-signed
In Exchange 2010, subject alternative name (SAN)s allow an SSL certificate to be mapped to multiple ______. The Exchange self-signed certificate will have SANs that correspond to the name of the Exchange server, including the server name and the server’s FQDN.
FQDNs
When generating a certificate request file, you can specify that you want to apply this certificate to all subdomains by using ______. Using this option, you can add subdomains at a later stage without having to update an existing certificate.
wildcards
You can use the EMS ______ cmdlet to assign services to a certificate.
Enable-ExchangeCertificate
You should be able to use the ______ Wizard from the EMC or the EMS ______ cmdlet to create a new ActiveSync Mailbox Policy.
New Exchange ActiveSync Mailbox Policy,
New-ActiveSyncMailboxPolicy
You can use the EMS ______ cmdlet to configure ActiveSync device policies.
Set-ActiveSyncMailboxPolicy
You can manage mobile devices by using EMS, including performing a remote ______ of the device.
wipe
The following four EMS cmdlets are available to manage mobile devices: ______.
- Get-ActiveSyncDevice – Lists all the mobile phones that have been paired with mailboxes.
- Get-ActiveSyncDeviceStatistics – Provides info about mobile devices that are paired with specific mailboxes.
- Clear-ActiveSyncDevice – Wipes a mobile device.
- Remove-ActiveSyncDevice – Removes the relationship between a specific mailbox and a mobile device.
When OWA policies are configured appropriately, users can perform a remote wipe on a mobile device from OWA. Note that ______ privileges are required to use EMS cmdlets to wipe mobile devices, but ordinary users can wipe their own mobile devices remotely by using OWA.
administrator
You should be aware that the Autodiscover service provides clients running Outlook 2007 and Outlook 2010 and mobile phones running Windows Mobile 6.1 or later with user profile ______ settings.
configuration
You can use the EMS ______ cmdlet to verify that the Autodiscover service settings are working properly for Outlook 2007 and 2010 clients. For example, the following command checks that Autodiscover is functioning properly on server CAS02: ______.
Test-OutLookWebServices,
Test-OutlookWebServices –ClientAccessServer CAS02
Remember that to enable the Autodiscover service and ActiveSync for Internet users, you need to assign an external name to the ______ server. You can do this, for example, by adding an A record in DNS.
Client Access
You can use the EMS ______ cmdlet to configure ActiveSync authentication. You can use this cmdlet with (for example) the BasicAuthEnabled, ClientCertAuth, ExternalAuthenticationMethods, InternalAuthenticationMethods, and MobileClientCertificateProvisioningEnabled parameters.
Set-ActiveSyncVirtualDirectory
Certificate-based authentication is not the only security feature available for ActiveSync. You can use certificate-based authentication together with other security features, such as local device wipe and a device password. The private key and certificate for client authentication are stored in ______ on the mobile phone. If an unauthorized user tries to bypass the mobile phone password, all user data is purged, including the certificate and private key.
memory
You can configure ActiveSync settings by editing the ActiveSync virtual directory properties using the EMC. You can also configure the ActiveSync virtual directory by using the ______ cmdlet. For example, the following command enables bad item reporting on the server VAN-EX1: ______.
Set-ActiveSyncVirtualDirectory,
Set-ActiveSyncVirtualDirectory -Identity “VAN-EX1\Microsoft-Server-ActiveSync” -BadItemReportingEnabled:$true
The EMS ______ cmdlet allows you to test to verify that ActiveSync is functioning properly. For example, the following command tests ActiveSync connectivity for the mailbox Kim_Akers on Client Access server GLA_CAS02: ______.
Test-ActiveSyncConnectivity,
Test-ActiveSyncConnectivity –ClientAccessServer GLA_CAS02 –URL http://adatum.com/mail -MailboxCredential “Kim_Akers”
You can reconfigure the URL of the ActiveSync virtual directory by using the ______ cmdlet. This might be necessary if you want users to be able to access a mailbox server through the Internet by using ActiveSync.
Set-ActiveSyncVirtualDirectory
