You have a Microsoft 365 environment that contains 1,000 mobile devices.
You need to recommend a solution to prevent all the mobile devices that use the Exchange ActiveSync protocol from authenticating by using Basic authentication.
Which two solutions should you recommend? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Configure the CAS mailbox settings for each mailbox.

B. Implement Azure Multi-Factor Authentication (MFA).

C. Create an authentication policy.

D. Create a conditional access policy.

E. Create a device access rule.

DRAG DROP
-
You have a Microsoft Exchange Online tenant that contains two groups named Group1 and Group2.
You need to configure threat policies to meet the following requirements:
•	URLs in email messages sent to Group1 must be scanned before the user can read the messages.
•	Email messages sent to Group2 must be protected against spoofed senders.
Which type of policy should you configure for each requirement? To answer, drag the appropriate policy types to the correct groups. Each policy type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.
 

Which contacts can sign in to and access resources in the adatum.com tenant?

A. Contact1 only

B. Contact2 only

C. Contact1 and Contact3 only

D. Contact2 and Contact3 only

E. Contact1, Contact2, and Contact3

HOTSPOT
-
You have a Microsoft Exchange Online tenant that contains a public folder named PF1 and three users named User1, User2, and User3.
Users are assigned public folder permissions to PF1 as shown in the following table.
 
Which users can read items in PF1, and which users can delete all the items in PF1? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

Your company has a Microsoft Exchange Server 2019 organization.
The company has 10,000 mailboxes. Each department at the company has 1,000 mailboxes.
You need to ensure that when users query the global address list (GAL), they can view only the list of the users in their department.
What should you create?

A. 10 GALs, 10 offline address books (OABs), 10 address lists, 10 room lists, and 10 email address policies

B. one GAL, 10 offline address books (OABs), 10 address lists, 10 room lists, and one address book policy (ABP)

C. one GAL, 10 offline address books (OABs), 10 address lists, 10 address book policies (ABPs), and one email address policy

D. 10 GALs, 10 offline address books (OABs), 10 address lists, 10 room lists, and 10 address book policies (ABPs)

You have a Microsoft Exchange Server 2019 hybrid deployment.
You need to remove the email addresses of your company's executives from the global address list (GAL).
What are two possible ways to achieve the goal? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

A. Run the Set-Mailbox cmdlet to modify the properties of each executive’s mailbox.

B. From the Exchange admin center, modify the properties of the GAL.

C. From the Exchange admin center, modify the properties of each executive’s mailbox.

D. Run the Set-GlobalAddressList cmdlet to modify the properties of the GAL.

You have a Microsoft Exchange Online tenant.
A user named User1 no longer receives email in Outlook for Windows, but can see new messages in Outlook on the web.
You plan to use the Microsoft Remote Connectivity Analyzer to run a connectivity test to verify whether MAPI over HTTP is failing.
Which test should you run?

A. Exchange ActiveSync

B. Outlook Connectivity

C. Inbound SMTP Email

D. Office 365 Single Sign-on Test

E. Synchronization, Notification, Availability, and Automatic Replies

You have a Microsoft Exchange Server 2019 organization named contoso.com and an Exchange Online tenant.
You plan to implement a hybrid deployment.
You have the certificates shown in the following table.
 
You need to identify which certificates can be assigned in the Microsoft Office 365 Exchange Hybrid Configuration wizard.
Which certificates should you identify?

A. Cert2 and Cert4 only

B. Cert3 and Cert5 only

C. Cert4 and Cert5 only

D. Cert2, Cert3, Cert4, and Cert5 only

E. Cert2 and Cert3 only

F. Cert1 only

You have a Microsoft Exchange Online tenant that uses a third-party email hygiene system named Service1. Service1 blocks all encrypted email.
All external email is routed through Service1 by using a connector.
Users classify email by using sensitivity labels. Emails classified as Secret are encrypted automatically.
You need to ensure that the users can send emails classified as Secret to external recipients.
Which two items should you create? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. a remote domain

B. a connector

C. a data loss prevention (DLP) policy

D. a mail flow rule

E. a label policy

You have a Microsoft Exchange Online tenant.
You need to ensure that an email notification is sent to a security team every time an email forwarding rule is created in the tenant.
What should you create in the Microsoft Purview compliance portal?

A. a threat policy

B. a communication compliance policy

C. an alert policy

D. a data loss prevention (DLP) policy

DRAG DROP -
You have a Microsoft Exchange Online tenant that does NOT contain any public folders.
You need to create a new public folder. The solution must ensure that users can create a post by sending an email to the folder.
Which three actions should you perform in sequence? To answer, move the appropriate cmdlets from the list of cmdlets to the answer area and arrange them in the correct order.
Select and Place:
 

You have a Microsoft Exchange Online tenant.
You need to display a list of Exchange PowerShell management role entries that relate to the Reset Password role.
Which cmdlet should you run?

A. Get-ManagementRole

B. Get-RoleAssignmentPolicy

C. Get-ManagementRoleEntry

D. Get-ManagementRoleAssignment

Your network contains an on-premises Active Directory Forest. The forest contains the domains shown in the following table.
You have a Microsoft 365 subscription.
You plan to migrate only the mailboxes of contoso.com to Exchange Online.
You deploy an Exchange Online tenant that supports the contoso.com domain.
All incoming internet email and all email between Exchange Online and the Exchange Server are routed through server1.contoso.com.
After you migrate the first test mailboxes, you discover that the users in contoso.com that have mailboxes in Exchange Online cannot see any fabrikam.com recipients in the global address list (GAL).
You need to ensure that the contoso.com users can see the fabrikam.com recipients in the GAL.
What should you do?

A. Rerun the Hybrid Configuration wizard and add fabrikam.com as a domain in the hybrid configuration.

B. Configure Azure AD Connect to sync the fabrikam.com domain.

C. From Exchange Online, create an outbound connector for the fabrikam.com domain.

D. Add a TXT record to the DNS zone of the fabrikam.com domain.

You have a Microsoft Exchange Server 2019 organization.
You need to ensure that a user named User1 can prevent mailbox content from being deleted if the content contains the words Fabrikam and Confidential.
What should you do?

A. Assign the Legal Hold and Mailbox Import Export management roles to User1.

B. Assign the Mailbox Search and Mailbox Import Export management roles to User1.

C. Add User1 to the Security Administrator role group.

D. Assign the Mailbox Search and Legal Hold management roles to User1.

You have a Microsoft 365 subscription that uses a default domain named contoso.com.
Users report that email messages from a domain named fabrikam.com are identified as spam even though the messages are legitimate.
You need to prevent messages from fabrikam.com from being identified as spam.
What should you do?

A. Enable the Zero-hour auto purge (ZAP) email protection feature.

B. Enable the safe list on a connection filter.

C. Edit the default mail flow rule to bypass the spam filter.

D. Modify the IP Allow list of a connection filter policy.

You have a Microsoft 365 subscription that contains a user named User1.
You need to ensure that User1 can only manage eDiscovery cases that she creates and export the search results. The solution must use the principle of least privilege.
To which role should you add User1?

A. Communications Compliance

B. Compliance Administrator

C. eDiscovery Manager

D. eDiscovery Administrator

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 hybrid deployment. All user mailboxes are hosted in Microsoft 365. All outbound SMTP email is routed through the on-premises Exchange organization.
A corporate security policy requires that you must prevent credit card numbers from being sent to internet recipients by using email.
You need to configure the deployment to meet the security policy requirement.
Solution: From the Exchange organization, you create a data loss prevention (DLP) policy.
Does this meet the goal?

A. Yes

B. No

You have a Microsoft Exchange Online tenant that has a verified domain named contoso.com.
From the Azure Active Directory admin center, you invite a new guest user named user1 @fabrikam.com.
You need to ensure that you can send email to User1 by selecting the name of the user from the global address list (GAL).
What should you do?

A. From the Exchange admin center, create a mail contact.

B. From the Azure Directory admin center, modify the Proxy address attribute of User1.

C. From the Microsoft 365 admin center, assign an Exchange Online license to User1.

D. From Exchange Online PowerShell, run the Set-User cmdlet.

E. From Exchange Online PowerShell, run the Set-MailUser cmdlet.

HOTSPOT
-
You have a Microsoft Exchange Online tenant.
Archive mailboxes are enabled for all users.
You need to ensure that the default size of each user’s archive mailbox increases automatically when the mailbox approaches the storage limit. The solution must apply automatically to all current and future mailboxes.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

HOTSPOT
-
You have a Microsoft Exchange Online tenant.
You need to add a custom domain named contoso.com that meets the following requirements:
•	All email messages from the internet must first be filtered by a third-party cloud service before being delivered to Exchange Online.
•	Recipient email systems must validate the messaging server for contoso.com.
Which type of DNS record should you use for each requirement? To answer, select the appropriate options in the answer area.
 

User3 leaves the company.
You need to ensure that Admin1 and Admin2 can access the mailbox of User3. The solution must meet the technical requirements.
What should you do?

A. Migrate the mailbox of User3 to a distribution group.

B. Migrate the mailbox of User3 to a Microsoft 365 group.

C. Convert the mailbox of User3 into a resource mailbox.

D. Convert the mailbox of User3 into a shared mailbox.

You have a Microsoft Exchange Online tenant.
You need to perform an In-Place eDiscovery search. The solution must meet the following requirements:
✑ Minimize administrative effort.
✑ Search both public folders and mailboxes.
✑ Use an In-Place Hold to place the search results on hold.
What should you do in the Microsoft 365 compliance center?

A. Search the public folders and the mailboxes in a single search, and then place the results on In-Place Hold.

B. Search the public folders first, and then place the results on In-Place Hold. Search the mailboxes second, and then place the results on In-Place Hold.

C. Search the public folders and the mailboxes in a single search. Once the search completes, place only the mailboxes that contain results and the public folders on In-Place Hold.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Online tenant that contains the following email domains:
•	Adatum.com
•	Contoso.com
•	Fabrikam.com
When external recipients receive email messages from the users in the tenant, all the messages are delivered by using the @contoso.com email domain.
You need to ensure that the users send email by using the @fabrikam.com email domain.
Solution: From the Microsoft 365 admin center, you set fabrikam.com as the default domain.
Does this meet the goal?

A. No

B. Yes

You have a Microsoft Exchange Online tenant that contains an email domain named contoso.com.
You have a partner organization that uses an email domain named fabrikam.com.
You plan to add a connector to secure the email messages sent from fabrikam.com to contoso.com.
You need to ensure that only fabrikam.com can use the connector.
What should you do?

A. Configure the connector to verify the contoso.com domain with a certificate.

B. Configure the connector to verify the fabrikam.com domain with a certificate.

C. Add fabrikam.com as a remote domain.

D. Add fabrikam.com as an accepted domain.

You have a Microsoft 365 subscription that uses a default domain named contoso.com.
Users report that email messages from a domain named fabrikam.com are identified as spam even though the messages are legitimate.
You need to prevent messages from fabrikam.com from being identified as spam.
What should you do?

A. Create a new remote domain.

B. Edit a spam filter policy.

C. Enable the safe list on a connection filter.

D. Enable the Zero-hour auto purge (ZAP) email protection feature.

You have a Microsoft Exchange Server 2019 hybrid deployment.
You plan to implement Hybrid Modern Authentication (HMA).
You retrieve the Exchange virtual directory settings, and you discover the following output.
 
You need to prepare the virtual directories for the planned implementation of HMA.
What should you do?

A. Add OAuth as an authentication method.

B. Remove NTLM as an authentication method.

C. Delete https://mail.contoso.com from the ExternalUrl value.

D. Modify the InternalUrl value to http://mail.contoso.com.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft 365 subscription.
Several users in the finance department of the company recently accessed unsafe websites by clicking on links in email messages.
Users in the marketing department of the company report that they must be able to access all the links embedded in email messages.
You need to reduce the likelihood of the finance department users accessing unsafe websites. The solution must affect only the finance department users.
Solution: You modify the Global settings Safe Links policy.
Does this meet the goal?

A. Yes

B. No

HOTSPOT -
You manage a Microsoft Exchange Online subscription.
You use Advanced Threat Protection (ATP).
A partner company sends daily invoices to your company. The invoices are always named AdatumInvoice.xlsx.
Some users report that sometimes they cannot find the invoices in their Inbox folder.
You need to identify whether the invoices are identified as malicious by Microsoft 365.
Which two blades should you use? To answer, select the appropriate blades in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a Microsoft 365 E5 subscription.
A user attempts to send an email message to an external recipient and receives the following error message: `Your message couldn't be delivered because you weren't recognized as a valid sender. The most common reason for this is that your email address is suspected of sending spam and it's no longer allowed to send messages outside of your organization. Contact your email admin for assistance. Remove Server returned '550 5.1.8 Access denied, bad outbound sender'.`
You need to ensure that the user can send email to external recipients.
What should you use?

A. Threat management in the Security & Compliance admin center.

B. Data loss prevention in the Security & Compliance admin center.

C. compliance management in the Exchange admin center

D. action center in the Exchange admin center

You have a hybrid deployment between a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 organization.
The tenant uses an email domain named @contoso.com.
You recently purchased an email domain named fabrikam.com.
You need to ensure that all the users in the tenant can receive email messages by using the @fabrikam.com email domain. The solution must ensure that the users can continue to receive email by using the @contoso.com email domain.
Which three actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

A. From Azure AD Connect, add a domain for fabrikam.com.

B. From the on-premises Exchange admin center, modify the email address policy.

C. From the on-premises Exchange admin center, add an accepted domain for fabrikam.com.

D. From the Microsoft 365 admin center, verify the fabrikam.com email domain.

E. From Azure Cloud Shell, create a script that runs the Set-Mailbox cmdlet.

F. From the Microsoft 365 admin center, add the fabrikam.com email domain.

You have 1,000 user accounts that are each licensed for Microsoft 365. Each user account has a Microsoft Exchange Online mailbox.
Ten of the user accounts are configured as service accounts for applications. The applications send event notifications to the mailboxes of the service accounts by using SMTP. The developers of each application have delegated access to the mailbox of their respective application.
You need to ensure that all the event notifications sent by the applications are retained in the service account mailboxes so that new developers can review older notifications. The developers must be able to view only the notifications for their respective application. The solution must minimize licensing costs.
What should you do?

A. Convert the service account mailboxes into shared mailboxes.

B. Replace the service account mailboxes with a mail-enabled group.

C. Convert the service account mailboxes into mail-enabled contacts.

D. Convert the service account mailboxes into mail-enabled users.

You have a Microsoft Exchange Server 2019 organization.
You need to ensure that a user named User1 can prevent mailbox content from being deleted if the content contains the words Fabrikam and Confidential.
What should you do?

A. Assign the Mailbox Search and Legal Hold management roles to User1.

B. Assign the Legal Hold and Mailbox Import Export management roles to User1.

C. Add User1 to the Records Management management role group.

D. Assign the Mailbox Search and Mailbox Import Export management roles to User1.

You have a Microsoft Exchange Online tenant that contains the groups shown in the following table.
 
Which groups can you upgrade to a Microsoft 365 group?

A. Group1 only

B. Group1, Group2, Group3, and Group4

C. Group2 and Group3 only

D. Group3 only

E. Group1 and Group4 only

You have a Microsoft Exchange Online tenant that contains 1,000 user mailboxes and 10 mail-enabled users. The mail-enabled users have email addresses in two SMTP domains named fabrikam.com and contoso.com.
You need to convert the mail-enabled users into user mailboxes.
What should you do first?

A. Remove the remote domains of fabrikam.com and contoso.com.

B. Assign a license to each user.

C. Add the users to an Office 365 group.

D. Modify the email forwarding settings of each user.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your company has a Microsoft Exchange Server 2019 hybrid deployment that contains two Mailbox servers named MBX1 and MBX2.
The company has the departments shown in the following table.
 
From the on-premises organization, outbound email is sent directly to the Internet by using DNS lookups.
You are informed that some sales department users send email messages that are identified as spam.
You need to automatically block the sales department users from repeatedly sending spam.
Solution: You modify the outbound spam filter policy in Exchange Online.
Does this meet the goal?

A. Yes

B. No

HOTSPOT -
You have a Microsoft Exchange Server 2019 hybrid deployment.
You are migrating mailboxes from the on-premises organization to Exchange Online.
From the Exchange admin center, you create a new migration batch that includes 25 mailboxes, and then you select Manual Complete the batch.
Later, you must complete the migration of a mailbox named
user1@litware.com
in the batch as soon as possible. You discover that the status of the migration batch is Syncing, but the status of the move request for
user1@litware.com
is Synced.
You need to complete the migration of the
user1@litware.com
mailbox to Exchange Online as soon as possible.
How should you complete the command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:
 

You have a hybrid deployment that contains a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 server named Server1.
Server1 uses a certificate from a third-party certification authority (CA). The certificate is enabled for the SMTP service.
You replace the certificate with a new certificate.
You discover that delivery fails for all email messages sent from Server1 to your Microsoft 365 tenant.
You receive the following error message for all the queued email messages: `450 4.4.101 Proxy session setup failed on Frontend with 451 4.4.0 Primary target IP address responded with 451 5.7.3 STARTTLS is required to send mail.`
You need to ensure that the messages are delivered successfully from Server1 to the Microsoft 365 tenant.
What should you do?

A. From Server1, enable a self-signed certificate for the SMTP service.

B. Run the Exchange Hybrid Configuration wizard.

C. From the firewall, disable SMTP content inspection.

D. From Server1, enable the new certificate for the IMAP4 service.

HOTSPOT
-
You have a Microsoft Exchange Online tenant.
A user reports that an expected email message from an internet recipient was never delivered, and the sender never received a non-delivery report (NDR).
You need to troubleshoot inbound message delivery to meet the following requirements:
•	Verify DNS and MX connectivity for the target domain.
•	Verify whether the message was quarantined.
What should you use for each requirement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

You have a Microsoft Exchange Server hybrid deployment that contains Exchange 2013, Exchange 2016, and Exchange 2019 servers. All the servers have the latest Cumulative Updates (CUs) applied.
You need to implement Hybrid Modern Authentication (HMA). The solution must minimize costs.
What should you do first?

A. Upgrade the Exchange 2013 servers to Exchange 2016 CU7.

B. Add the on-premises web service URLs as Azure Active Directory (Azure AD) service principal names (SPNs).

C. Upgrade all the servers to Exchange 2019.

D. Create an Azure Active Directory (Azure AD) conditional access policy for Exchange Online.

You need to recommend a solution for the public folders that supports the planned changes and meets the technical requirements.
What should you recommend?

A. Microsoft 365 groups

B. Resource mailboxes

C. Public folder replicas

D. Microsoft SharePoint site mailboxes

You have a Microsoft Exchange Online tenant that contains a resource mailbox named ConferenceRoom1.
ConferenceRoom1 is configured as shown in the following exhibit.
 
You need to review the customized setting for booking requests.
Which cmdlet should you run?

A. Get-ResourceConfig

B. Get-Mailbox

C. Get-MailboxCalendarFolder

D. Get-CalendarProcessing

You have a Microsoft 365 tenant that contains a user named User1.
User1 reports that she cannot configure a mail profile in Microsoft Outlook for Windows.
User1 receives the following error message: "Encrypted connection to your mail server is not available."
You verify that User1 is assigned a Microsoft Office 365 Enterprise F3 license and can send email messages from her account by using Outlook on the web.
You need to ensure that User1 can connect to Outlook successfully.
What should you do?

A. Run the Microsoft Support and Recovery Assistant for Office 365.

B. Activate the installation of Office 365 ProPlus.

C. Modify the license assigned to User1.

D. Install a new certificate on the computer of User1.

You have a Microsoft Exchange Server 2016 organization.
You are performing a full migration to Exchange Online.
You need to migrate all the address lists and data loss prevention (DLP) policies to Exchange Online.
What should you configure in the Hybrid Configuration Wizard?

A. Centralized mail transport

B. Organization Configuration Transfer

C. a transport certificate

D. a federation trust

HOTSPOT
-
You are configuring a hybrid deployment between a Microsoft Exchange Online tenant and an on-premises Exchange Server 2019 organization.
The Exchange Server organization contains two servers named Server1 and Server2.
You have a proxy server named Proxy1 that is accessible by using http://proxy1:8080.
You install the Microsoft Hybrid Agent on Server1 and Server2.
You need to ensure that the Hybrid Agent uses only Proxy1 to connect to Microsoft Online Services.
How should you complete the PowerShell command? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
 

DRAG DROP
-
You have a Microsoft Exchange Online tenant.
A user named User1 has an Exchange Online mailbox.
User1 leaves your company.
You need to configure the user account of User1 to meet the following requirements:
•	The Microsoft 365 license assigned to User1 must be available for another user.
•	Manager1 must be able to manage all the contents in the mailbox of User1.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
 

HOTSPOT -
You have a Microsoft Exchange Server 2019 organization.
You have the Address Book Policies (ABP) and address lists in the following table.
 
You have the users in the following table.
 
You assign ABP1 to User1 and User2.
User3 is NOT assigned to an Address Book Policy.
For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.
Hot Area:
 

SIMULATION -
Please wait while the virtual machine loads. Once loaded, you may proceed to the lab section. This may take a few minutes, and the wait time will not be deducted from your overall test time.
When the Next button is available, click it to access the lab section. In this section, you will perform a set of tasks in a live environment. While most functionality will be available to you as it would be in a live environment, some functionality (e.g., copy and paste, ability to navigate to external websites) will not be possible by design.
Scoring is based on the outcome of performing the tasks stated in the lab. In other words, it doesn't matter how you accomplish the task, if you successfully perform it, you will earn credit for that task.
Labs are not timed separately, and this exam may have more than one lab that you must complete. You can use as much time as you would like to complete each lab. But, you should manage your time appropriately to ensure that you are able to complete the lab(s) and all other sections of the exam in the time provided.
Please note that once you submit your work by clicking the Next button within a lab, you will NOT be able to return to the lab.
 
Use the following login credentials as needed:
To enter your username, place your cursor in the Sign in box and click on the username below.
To enter your password, place your cursor in the Enter password box and click on the password below.
Microsoft 365 Username:
admin@abc.com
Microsoft 365 Password: xxxxxx -
If the Microsoft 365 portal does not load successfully in the browser, press CTRL-K to reload the portal in a new browser tab.
The following information is for technical support purposes only.
Lab Instance: XXXXXX -
Users report that email disclaimers are no longer being appended to email messages sent to external recipients.
You need to ensure that all email sent to external recipients contains your corporate disclaimer.
To complete this task, sign in to the Microsoft 365 admin center.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have a Microsoft Exchange Server 2019 hybrid deployment. All user mailboxes are hosted in Microsoft 365. All outbound SMTP email is routed through the on-premises Exchange organization.
A corporate security policy requires that you must prevent credit card numbers from being sent to internet recipients by using email.
You need to configure the deployment to meet the security policy requirement.
Solution: From the Exchange organization, you modify the properties of the Send connectors.
Does this meet the goal?

A. Yes

B. No

Your network contains an Active Directory domain. The domain contains an on-premises Microsoft Exchange Server 2019 organization.
You have a hybrid deployment between the Exchange Server organization and an Exchange Online tenant. Exchange Online contains all the mailboxes, including a shared mailbox named CustomerSupport.
You need to ensure that users cannot directly sign in to the CustomerSupport mailbox. Shared mailbox functionality must be unaffected.
What should you do?

A. Remove the user account of CustomerSupport from Active Directory.

B. From the Microsoft 365 admin center, block sign-ins for the user account of CustomerSupport.

C. Remove the user account of CustomerSupport from Azure AD.

D. From the Microsoft 365 admin center, reset the password for the user account of CustomerSupport.

HOTSPOT -
You have a Microsoft Exchange Online tenant.
You recently hired two new administrators named Admin5 and Admin6.
You need to grant the following permissions to the new administrators:
✑ Admin5 must be able to assign licenses to users.
Admin6 must be able to modify the email SPAM settings of all users.
 
✑ Admin5 must be able to configure the email forwarding settings of all users.
✑ Admin5 and Admin6 must be able to manage the mailbox permissions of all users.
The solution must use the principle of least privilege.
Which role should you assign to each user? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area: