Free MCSE Braindumps .com provides the best resource to prepare for the actual certification exams like 070-290, 070-293, 070-210 and more.
Welcome to Free MCSE Braindumps.com
70-225 Designing and Deploying a Messaging Infrastructure with Microsoft Exchange 2000 Server
Case Study #4, Trey Research
Introduction:
You are an employee of Trey Research. Your current project is to provide design and deployment
services for the implementation of Exchange 2000 Server as your company's primary messaging
system.
Background:
Company Profile:
Trey Research is a diversified chemical company that produces household and commercial
projects. Trey Research employs more than 90,000 people, in 55 countries.
Business Plan:
Trey Research plans to continue to grow. Over the next two years, the company plans to increase
staff by 10 percent at each location, with the exception of the Pacific Rim area, where it plans to
increase staff 50 percent.
Money is budgeted for improvements in network reliability and scalability.
Overview:
The divisions at Trey Research are autonomous. Each company location has staff assigned to
support and administer the Exchange Server computers.
Directory Design:
The directory structure is a traditional Microsoft Windows NT 4.0 multi-master domain model
that includes an Exchange Server 5.5 directory. The company does not use Active Directory. The
planned Active Directory design implementation will migrate the current Windows n domains to
a single Microsoft Windows 2000 domain.
Administrative Model:
The Exchange Server 5.5 staff at each location consists of a group of administrators who are
responsible for the Exchange Server 5.5 infrastructure and the Exchange Server 5.5 directory.
The Windows staff is a separate storage group of administrators and who are responsible for the
Windows NT and Windows 2000 infrastructure. The group is also responsible for the Windows
NT domains.
The network staff is a third group of administrators, who are responsible the network
infrastructure which includes DNS name resolution and the firewalls.
�
Network Infrastructure:
Trey Research has a worldwide network, which is shown in the exhibit.
The Exchange 5.5 site connections follow the physical network connections. The cost value on
each site connector is 10. Bandwidth available between sites is at least 256 Kbps.
Servers:
There are Exchange Server 5.5 computers at every location. There are two Exchange Server 5.5
computer configurations
? Dual-function mailbox-public folder servers.
? Bridgehead servers.
The following lists describe the mailbox-public folder servers.
Small servers
? 500-999 mailboxes
? Priv.edb size of 5 GB to 10 GB
? Pub.edb size of 3 GB to 10 GB
Large servers
? 1,000-6,000 mailboxes
? Priv.edb size of 11 GB to 50 GB
? Pub.edb size of 11 GB to 40 GB
The large mailbox-public folder servers process a high volume of transactions. Currently, public
folder usage has a negative effect on mailbox access on these servers.
Some of the small mil-box public folder servers are configured with circular logging enabled. The
large mailbox-public folder servers are configured with circular logging disabled.
The bridgehead servers have 128 MB of memory.
Virus-scanning software is installed on all Exchange Server 5.5 mailbox-public folder servers.
Client Computers:
On a company-wide basis, all versions of Microsoft Outlook are used to access Exchange. Some
employees use third-party POP3 client software to remotely access Exchange. Exchange Server
5.5 Outlook Web Access is available but has not been used extensively because of scalability
problems.
Users in the inventory control department do not use Microsoft Office or Outlook. This group
runs a custom inventory application that does not require powerful client computers. Most users
in this group have Pentium computers with 100 MHz processors running Windows for
Workgroups 3.11. All users in this group must have access to e-mail and public folders.
Exchange 2000 Server Requirements and Goals:
Security Requirements:
Exchange 2000 Server design must maximize the security between the Exchange 2000 Server
computers and the POP3 client software that is used on the remote client computers.
Backup, Recovery, and Archiving Requirements:
�
These requirements must be fulfilled after a failure.
? Mailboxes for users in the Legal department must be restored within two hours.
? Mailboxes for all other users must be restored within six hours.
? Information in public folders must be restored within eight hours.
These requirements must be fulfilled for archive retention.
? Legal department messages must be retained for at least three days, with a measure of 30
days.
? All other user's messages must be retained for at least 30 days, with a maximum of one year.
? Documents in public folders must be retained for at least two years with no maximum.
The Exchange 2000 Server computers should be recoverable to point of failure.
Interoperability Requirements:
The employees who use POP3 client software must be able to remotely access public folders. The
POP3 software must maintain a small footprint on these remote client computers.
Technical Support Requirements:
The Exchange Administrator staff will be split into two groups:
.
The first group will administer all connections between Exchange 2000 Server sites and
routing groups. This group will also administer Exchange 2000 server computers that are used
as bridgehead servers and as front-end servers, and all exchanged hosted connections to
outside sources.
.
The second group will continue to administer the information store servers at each location.
The administrators at each office will be able to administer the information store servers at
only that location.
Messaging manager:
The manager in charge of messaging services wants to meet these objectives for the new
exchange 2000 server implementation:
.
All users must be able to quickly locate documents in all of the public folders.
.
The design for exchange 2000 server public folder must accommodate documents that are
stored in public folders and tat change very frequently, but are accessed infrequently.
.
The back-end servers must be available 99.999 percent of the time, and hardware must be
used efficiently.
.
Users will log on to the active directory infrastructure by using a windows 2000 account as
they are moved to exchange 2000 server.
Changes to the existing network should be avoided, and new physical network connections
should be designed with capabilities that exceed the requirements for failover purposes.
Technology Specialist:
The technology specialist who is responsible for the exchange server computers wants to meet
these objectives:
.
The design should minimize total disk space requirements by maximizing single-instance
storage.
.
Only the essential items that are needed to perform a complete mailbox server recovery
should be backed up to tape on a nightly basis.
.
The design must protect against message storms and the misuse of distribution groups.
Questions, Case Study #4, Trey Research
�
QUESTION 1
How should you design the client computer software strategy?
A. Continue to use all versions of Outlook on the client computers.
Ensure that Exchange 2000 Outlook Web Access is available to all users.
Instruct the users in the Inventory Control department to use Outlook Web Access for
all e-mail access.
B. Continue to use all versions of Outlook on the client computers.
Ensure that Exchange 2000 Outlook Web Access is available to all users.
Install Outlook 2000 for the users in the Inventory Control department, and instruct
those users to use Outlook 2000 for all e-mail access.
C. Upgrade all Outlook 97 and Outlook 98 users to Outlook 2000.
Ensure that Exchange 2000 Outlook Web Access is available to all users.
Instruct the users in the Inventory Control client software for all e-mail access.
D. Continue to use all versions of Outlook on the client computers.
Ensure that Exchange 2000 Outlook Web Access is available to all users.
Install Outlook 97 for the users in the Inventory Control department and instruct these
users to use Outlook 97 for all e-mail access.
Answer: A
Explanation
Because they do not tell us what version of outlook they are using we can not select and answer
that contain an upgrade solution for existing clients, They also do not use Exchange Server 5.5
Outlook Web Access because of scalability problems but OWA 2000 scales well, also they havae
client that still using windows 3.11 for workgroup
They tell us
Client Computers:
On a company-wide basis, all versions of Microsoft Outlook are used to access Exchange. Some
employees use third-party POP3 client software to remotely access Exchange.
Interoperability Requirements:
The employees who use POP3 client software must be able to remotely access public folders. The
POP3 software must maintain a small footprint on these remote client computers.
Exchange Server 5.5 Outlook Web Access is available but has not been used extensively because
of scalability problems.
QUESTION 2
What recommendations you made for the administrative model?
A. Reorganize the IT organization to move the responsibility for the directory from the
exchange Server 5.5 staff to Windows staff.
Assign the Windows staff to be accountable for the design, deployment and
administrator of Active Directory services.
B. Create a directory team that includes members from only the Windows staff and the
Exchange Server 5.5 staff.
Assign this team to be accountable for the design, deployment and administrator of
Active Directory services.
�
C. Create a directory team that includes members from only the Windows staff, the
Exchange Server 5.5 staff and the network staff.
Assign this team to be accountable for the design, deployment and administrator of
Active Directory services.
D. Reorganize the IT organization to move the responsibility for the directory from the
Windows staff to Exchange Server 5.5 staff.
Assign the Exchange Server 5.5 staff to be accountable for the design, deployment and
administrator of Active Directory services.
Answer: C
Explanation
They require two kinds of groups to manage their infrastructure based on theirs requirements
One for exchange one for Active Directory, in this way best answer is C
They tell us
Technical Support Requirements:
The Exchange Administrator staff will be split into two groups:
.
The first group will administer all connections between Exchange 2000 Server sites and
routing groups. This group will also administer Exchange 2000 server computers that are used
as bridgehead servers and as front-end servers, and all exchanged hosted connections to
outside sources.
.
The second group will continue to administer the information store servers at each location.
The administrators at each office will be able to administer the information store servers at
only that location.
QUESTION 3
Which two actions should you perform to configure public folders? (Choose two)
A. Use Exchange 2000 indexing on all public folders.
B. Use Exchange 2000 to replicate all public folders to another Server.
C. Distribute all public folders across multiple public folder trees.
D. Use the Windows 2000 indexing service on drive M.
E. Replicate all public folders to an Exchange 2000 Server computer in each location.
Answer: A, E
Explanation
Because they accommodate documents that are stored in public folders and tat change very
frequently we will use indexing for public folders to get better performance, in searching
Also we will replicate the central public folder to our sites to improve the access to each public
folder, best solution when you have a lot of access,
In real life Public folders heavily used must reside in their own servers, an mailbox in theirs own
servers.
They tell us
The design for exchange 2000 server public folder must accommodate documents that are stored
in public folders and tat change very frequently, but are accessed infrequently.
The large mailbox-public folder servers process a high volume of transactions. Currently, public
folder usage has a negative effect on mailbox access on these servers.
�
QUESTION 4
How should you design the Server disk configurations to maximize performance?
A. Create a RAID 1+0 array for each storage group.
Create a mirrored pair of disk drivers for the transaction logs.
B. Create a single RAID 1+0 array for all of storage groups.
Create a mirrored pair of disk drivers for each set of transaction logs.
C. Create a single RAID 1+0 array for all of the storage groups.
Create a mirrored pair of disk drivers for the transaction logs.
D. Create a RAID 1+0 array for each storage group.
Create a mirrored pair of disk drivers for each set of transaction logs.
Answer: D
Explanation
Disk Performance Issues
Unlike CPU performance issues, disk performance issues cannot be diagnosed with a single
counter that indicates that you have a disk bottleneck.
Note A disk bottleneck can also be a result of memory issues, and cannot be solved by simply
adding more spindles.
Ensure when you size your Exchange 2000 disk configurations, to size for I/O capacity and not
for disk space alone. Microsoft recommends RAID 0+1 because this configuration tends to result
in more I/O capacity than RAID 5.
Disk Performance Issues: Approach One
The first approach to determining if you are encountering a disk bottleneck is to monitor the
following counters for each of your physical drives.
PhysicalDisk(drive:)\Disk Writes/sec
PhysicalDisk(drive:)\Disk Reads/sec
Note Before troubleshooting disk performance problems, at the command prompt, run diskperf
-y to activate logical, as well as physical, disk counters.
Look at each drive and compare to the total instance to isolate where the I/O is going. You can
use the recommendations below to assist with the comparison and determine if you have a
bottleneck.
.
Raid-0: Reads/sec + Writes/sec < # Spindles x 100
.
Raid-1: Reads/sec + 2 * Writes/sec < # Spindles x 100 (each write has to go to each
mirror on the array)
.
Raid-5: Reads/sec + 4 * Writes/sec < # Spindles x 100 (each write requires two reads and
two writes)
Note This assumes disk throughput is equal to 100 random I/O per spindle.
For more information about RAID, see the following "RAID Levels" section.
RAID Levels
Although there are many different implementations of RAID technologies, they all share two
similar aspects. They all use multiple physical disks to distribute data, and they all store data
according to a logic that is independent of the application for which they are storing data.
This section discusses four primary implementations of RAID: RAID-0, RAID-1, RAID-0+1, and
RAID-5. Although there are many other RAID implementations, these four types serve as a
�
representation of the overall scope of RAID solutions.
RAID-0
RAID-0 is a striped disk array; each disk is logically partitioned in such a way that a "stripe" runs
across all the disks in the array to create a single logical partition. For example, if a file is saved to
a RAID-0 array, and the application that is saving the file saves it to drive D, the RAID-0 array
distributes the file across logical drive D (see Figure 13). In this example, it spans all six disks.
Figure 13 RAID-0 disk array
From a performance perspective, RAID-0 is the most efficient RAID technology because it can
write to all six disks at once. When all disks store the application data, the most efficient use of
the disks occurs.
The drawback to RAID-0 is its lack of reliability. If the Exchange mailbox databases are stored
across a RAID-0 array and a single disk fails, you must restore the mailbox databases to a
functional disk array and restore the transaction log files. In addition, if you store the transaction
log files on this array and you lose a disk, you can perform only a point-in-time restoration of the
mailbox databases from the last backup.
RAID-1
RAID-1 is a mirrored disk array in which two disks are mirrored (see Figure 14).
Figure 14 RAID-1 disk array
RAID-1 is the most reliable of the three RAID disk arrays because all data is mirrored after it is
written. You can use only half of the storage space on the disks. Although this may seem
inefficient, RAID 1 is the preferred choice for data that requires the highest possible reliability.
RAID-0+1
A RAID-0+1 disk array allows for the highest performance while ensuring redundancy by
combining elements of RAID-0 and RAID-1 (see Figure 15).
�
Figure 15 RAID-0+1 disk array
In a RAID-0+1 disk array, data is mirrored to both sets of disks (RAID-1), and then striped across
the drives (RAID-0). Each physical disk is duplicated in the array. If you have a six-disk RAID0+
1 disk array, three disks are available for data storage.
RAID-5
RAID-5 is a striped disk array, similar to RAID-0 in that data is distributed across the array;
however, RAID-5 also includes parity. This means that there is a mechanism that maintains the
integrity of the data stored in the array, so that if one disk in the array fails, the data can be
reconstructed from the remaining disks (see Figure 16). Thus, RAID-5 is a reliable storage
solution.
Figure 16 RAID-5 disk array
However, to maintain parity among the disks, 1/n GB of disk space is sacrificed (where n equals
the number of drives in the array). For example, if you have six 9-GB disks, you have 45 GB of
usable storage space. To maintain parity, one write of data is translated into two writes and two
reads in the RAID-5 array; thus, overall performance is degraded.
The advantage of a RAID-5 solution is that it is reliable and uses disk space more efficiently than
RAID-1 (and 1+0).
For more information on comparing RAID solutions and RAID levels, as well as Storage Area
Network (SAN) and Network Attached Storage (NAS) solutions, see the Storage Solutions for
Microsoft(r) Exchange 2000 Server white paper.
Disk Performance Problems: Approach Two
The second approach to determining if you are encountering a disk bottleneck requires looking at
the I/O requests waiting to be completed using the following disk queue counters.
PhysicalDisk(drive:)\Avg. Disk Queue
PhysicalDisk(drive:)\Current Disk Queue
The PhysicalDisk(drive:)\Avg. Disk Queue counter indicates the average queue length over the
sampling interval. The PhysicalDisk(drive:)\Current Disk Queue counter reports the queue length
value at the instant of sampling.
�
You are encountering a disk bottleneck if the average disk queue length is greater than the
number of spindles on the array and the current disk queue length never equals zero. Short spikes
in the queue length can drive up the queue length average artificially, so you must monitor the
current disk queue length. If it drops to zero periodically, the queue is being cleared and you
probably do not have a disk bottleneck.
Note When using this approach, correlate the queue length spikes with the MSExchangeIS\RPC
Requests counter to confirm the effect on clients.
Disk Problems: Approach Three
For the third approach to determining if you are encountering a disk bottleneck, look at the I/O
latency, which can give you an indication of the health of your disks:
PhysicalDisk(drive:)\Avg. Disk sec/Read
PhysicalDisk(drive:)\Avg. Disk sec/Write
A typical range is .005 to .020 seconds for random I/O. If write-back caching is enabled in the
array controller, the PhysicalDisk(drive:)\Avg. Disk sec/Write counter should be less than .002
seconds.
If these counters are between .020 and .050 seconds, there is the possibility of a disk bottleneck.
If the counters are above .050 seconds, there is definitely a disk bottleneck.
Reference
Troubleshooting Microsoft Exchange 2000 Server Performance
Exchange Core Documentation
QUESTION 5
How should you design a backup solution that fulfills the company's requirements?
A. Create three storage groups: one for the Legal department, one for public folders.
Create one information store in each storage group.
Backup all three storage groups to a single tape.
B. Create three storage groups: one for the Legal department, one for public folders.
Create one information store in each storage group.
Backup each storage group to a separate tape.
C. Create two storage groups: one for Legal department and one for other mailboxes and
public folders.
Back up both of the storage groups to a single tape.
D. Create two storage groups: one for Legal department and one for other mailboxes and
public folders.
Back up each of the storage groups to a separate tape.
Answer: B
Databases and Storage Groups
It might be easiest to understand backup and restore in Exchange 2000 by looking at the
differences between Exchange 5.5 and Exchange 2000. For information about backup and restore
in Exchange 5.5, see the Exchange 5.5 documentation and related sources on the Exchange Web
site at http://www.microsoft.com/exchange .
The first and most obvious difference is that the architecture of the Web Storage System and
Extensible Storage Engine (ESE) has changed:
.
Instead of a fixed database layout, Exchange 2000 has storage groups. A storage group
�
corresponds to an instance of ESE (with it's own sequence of transaction log files).
Exchange 2000 supports four storage groups per server.
Note In this discussion, the generic word database refers to either a mailbox store or a public
folder store in a storage group.
.
Each storage group can support up to five databases, and each database can contain either
mailboxes or public folders. The transactions for all databases in a storage group are
contained in the single set of log files.
Although the backup application programming interface (API) incorporates a number of changes,
online backup still looks and acts very much the same as in Exchange 5.5. On a server with a
single mailbox store or public folder store, the differences are minimal. Most changes pertain to
backing up multiple storage groups and databases.
You can restore a single database in a storage group running multiple databases without taking
the others offline. You can run parallel backups and restores to support large configurations.
These features are possible because:
.
Backup runs on a storage group. This is because a storage group corresponds to an
instance of ESE and an instance of the backup API.
.
Backup runs sequentially against the databases in a storage group. It is not necessary to
back up all the databases in a storage group as part of the same job; old transaction logs
are not purged until all databases have been backed up. After a full backup, two things are
deleted: the transaction log files, and the transactions that have been committed to the
databases and that have been backed up. Incremental backups will back up and delete
transaction logs before the checkpoint file.
.
Storage groups can be backed up in parallel. Each storage group is an instance of ESE,
and these run independently of each other, at least as far as backup is concerned.
.
A database can be restored without affecting databases running in the same storage group.
To do so, initialize a reserved instance of ESE to handle the restore (the Web Storage
System is able to support more storage groups than can be created on an Exchange server;
the additional capacity allows for this reserved instance of ESE). You can restore the
database using this temporary instance of ESE, then dismount the database and mount it
in the correct storage group.
.
Databases can be restored in parallel.
These features of Exchange 2000 make backup and restore designs and associated procedures
more complex than in Exchange 5.5. There are some detail changes around restore and recovery
that are necessary to support this level of potential complexity.
.
A restore-in-progress key is no longer used during restore. Individual data structures are
created for each database being restored.
.
It is no longer possible to allow recovery without solving corruption problems, for
example, to play the wrong transaction log files into a database, or to trick a database into
starting when the necessary components are not present on disk.
Backup
Backup works for Exchange 2000 in basically the same way as Exchange 5.5. However, there are
a few differences:
.
Each database consists of two files: the .edb file and .stm file. They are backed up
together. The backup process continues sequentially until all of the databases in the
storage group that have been selected for the current backup are copied to the backup
device.
�
.
The transaction log files and patch files have checksums that are validated during the
backup process.
.
The transaction log files are not truncated until all databases in the storage group have
been backed up. After a full backup, two things are deleted: the transaction log files and
the transactions that have been committed to the databases and that have been backed up.
Incremental backups back up and delete transaction log files that precede the checkpoint
file.
.
A database must be online to be backed up. If a database has been dismounted it cannot be
backed up, and the transaction log sequence will not be truncated.
.
Conduct a full backup after switching from circular logging to non-circular logging.
During circular logging, information in the .stm file is not recorded in the log files. When
you change to non-circular logging, transaction log files still exist that do not have .stm
file data; these transaction logs must not be replayed.
Restore
Restore in Exchange 2000 has changed more than backup. Before you can attempt to restore a
database in Exchange 2000, the following must be true:
.
The relevant service and the Web Storage System must be running.
.
The database to be restored must be dismounted.
The significant differences are as follows:
.
It is possible to restore multiple databases from the same storage group as part of a single
restore job. In this case, the restore process restores all of the databases to disk before
continuing.
.
The transaction log files in the backup set and the patch files are restored to the temporary
disk location specified by the user. The information about the restore previously written to
the restore-in-progress key is written to a file called Restore.env.
.
If multiple datasets are being restored (for example, for differential or incremental
backups), the dataset containing the full backup must be restored last. When the last
dataset is being restored, you must select Last Backup Set.
.
After all files are restored, recovery begins. The Restore.env file is used to find the end
and beginning transaction log numbers and the relevant transactions are replayed into the
database. After the end log is replayed, recovery goes to the transaction log files of the
target storage group and continues to play through additional log files until the end of the
sequence is reached.
.
After restore finishes, the database is dismounted from the temporary instance of ESE and
the files in the temporary work area are deleted. If you selected Mount Database after
restore, the database is automatically mounted in the target storage group.
Because parallel restores are possible, the restore process relies on the user to provide a path to
temporary disk space that will be used during the restore. Separate restore processes running at
the same time must use different disk locations. The temporary disk space required is about 10
megabytes (MB) more than the size of the transaction log files and patch files that are being
restored.
After the relevant files are restored to disk, the backup process will have to replay logs to process
log and patch files and make the database consistent. An instance of ESE is required to perform
the recovery, and this is where the reserved instances of ESE are used. ESE itself can support 16
instances, whereas the Web Storage System does not, so there are enough instances of ESE to run
recoveries in parallel.
�
Parallel Operations
Parallel backups and restores put far more stress on input/output (I/O) subsystems than single
database backups and restores. Particular attention must be paid to aggregate I/O bandwidth over
the entire data path between database disks and backup devices.
Exchange 2000 backup and restore is faster than previous versions of Exchange. Rates of up to 70
gigabytes (GB) per hour on backup and 40 GB per hour on restore are possible. However, you
must carefully design the data paths in order to support several concurrent operations at these
rates.
Reference
Exchange 2000 Resource Kit
Chapter 12 -Server Design for Backup and Restore
Chapter 28 -Backup and Restore
QUESTION 6
How should you design the Exchange 2000 Server infrastructure so it will be resistant to the
misuse of distribution groups?
A. Require Kerberos4 authentication.
Use encryption between the client software and the Exchange 2000 Server computers.
Create nested distribution groups.
Limit the users who can use top-level distribution groups.
B. Require Kerberos4 authentication.
Use encryption between the client software and the Exchange 2000 Server computers.
Apply recipient permissions as appropriate.
Use a firewall, and restrict the protocols that are not required.
C. Create mail enabled security groups.
Create nested distribution groups.
Limit users who can access all distribution groups.
Apply recipient permissions as appropriate.
D. Set messages size limits for distribution groups.
Create nested distribution groups.
Limit users who can access top-level distribution groups.
Apply recipient permissions as appropriate.
Answer: D
Explanation
The best way to control the misuse of public folder and mailbox is use a storage policy to control
the aspect of permit size, and apply those users that you will like to kept under strict control
HOW TO: Configure Storage Limits on Mailboxes in Exchange 2000 319583
HOW TO: Configure Storage Limits on Public Folders in Exchange 2000 319439
QUESTION 7
How should you ensure that your Exchange 2000 Server design fulfills the interoperability
requirements for public folder access?
A. Instruct the users to use a newsreader to access public folders.
�
B. Replace the POP3 client software with Outlook Express.
Configure Outlook Express to use IMAP4.
C. Replace the POP3 client software with Outlook 2000.
D. Instruct the users to use Outlook Web Access.
Answer: D
Explanation
You can only access to Public folders, using imap protocol, owa, or mapi client, also because
imap can not access to advanced functions as calendar and rules, best solution is to avoid use of
pop clients or imap, and as standard use outlook 2000 they can not access to Public Folder
structure,
QUESTION 8
How should you deploy the routing groups to increase performance in mixed mode?
A. Deploy Exchange 2000 Server routing groups that correspond to each Exchange
Server 5.5 site.
Install an Exchange Server 5.5 bridgehead Server to connect to one of the Exchange
Server 5.5 sites.
Install an Exchange 2000 Server bridgehead Server to connect to other Exchange 2000
Server routing groups.
B. Deploy Exchange 2000 Server routing groups that correspond to each Exchange
Server 5.5 site.
Install an Exchange Server 5.5 bridgehead Server to connect to one of the Exchange
Server 5.5 sites.
Install an Exchange 2000 Server mailbox Server in each routing group.
C. Deploy one Exchange 2000 Server computer in each Exchange Server 5.5 site.
Configure this Server as the site connector bridgehead Server to connect to the other
Exchange 2000 Server bridgehead servers in each of the other sites.
D. Deploy one Exchange 2000 Server computer in each Exchange Server 5.5 site.
Configure this Server as routing group connector bridgehead Server to connect to the
other Exchange 2000 Server bridgehead servers in each of the other sites.
Answer: D
Explanation
The directory is automatically replicated among servers in a site to ensure that all servers have the
same information. Among sites, the directory is replicated by directory bridgehead servers
according to a schedule you set in the Administrator program. Each site has one or more directory
bridgehead servers that are responsible for keeping the site's directory synchronized with the
directories in other sites.
Choose local connectors. A local connector can send the message directly to the remote site. The
MTA selects local connectors first to avoid an extra hop to the remote MTA in the site. Remote
connectors require the MTA to pass the message to a messaging bridgehead server before the
message can be passed to the remote site. Using local connectors reduces the need for additional
processing power and bandwidth to transmit the message.
When to Use Multiple Routing Groups
If you have a single physical location and all servers are connected through a reliable, permanent
link, you might not need multiple routing groups. However, you might need multiple routing
groups under one or more of the following conditions:
.
Network connectivity is unreliable.
.
You want to control the message paths in an Exchange organization; for example, if you
need to alter the messaging path from a single-hop to multi-hop, such as when servers are
located in separate physical locations, but the servers are configured to communicate in a
single-hop environment.
.
You want to schedule messaging between two locations.
.
You want to control public folder referrals. Public folder referrals will preferentially go to
a server in the same routing group, and then through the least cost route between routing
groups by using connectors that allow referrals.
Routing Group Topology
The link state provides flexibility in designing routing groups, particularly by allowing multiple
paths between routing groups.
Multiple Paths Available Between Routing Groups
In earlier versions of Exchange, the site topology takes into account the possible message
bouncing that occurs when sites have multiple routes between them. This means that most site
topologies are hub-and-spoke, with only a single connector between the hub and each spoke.
Exchange 2000 uses the link state table, which makes this topology unnecessary because
messages do not bounce back and forth. If a connector fails, the message can be rerouted through
another routing group, and will bounce back to the original routing group because Exchange
determines if the connector is down and propagates that state information around the
organization.
Reference
Exchange 2000 Server Resource Kit
Part 10 -Exchange Architecture
Chapter 31 -Optimizing Exchange 2000
QUESTION 9
What changes should you make to the Exchange Server 5.5 environment to deploy
Exchange 2000 Server?
A. Disable circular logging on all of the servers.
Stop the virus-scanning software services prior to upgrading to Exchange 2000 Server.
After the upgrade, restart the virus-scanning software services.
B. Enable circular logging on all of the servers.
Stop the virus-scanning software services prior to upgrading to Exchange 2000 Server.
After the upgrade, restart the virus-scanning software services.
C. Disable circular logging on all of the servers.
Uninstall the virus-scanning software services prior to upgrading to Exchange 2000
Server.
D. Enable circular logging on all of the servers.
Uninstall the virus-scanning software services prior to upgrading to Exchange 2000
Server.
�
Answer: C
Explanation
Circular Logging
In Exchange 2000, circular logging is disabled by default. This is different from earlier versions
of Exchange because the use of transaction log files greatly enhances the recovery of an
Exchange server. Databases within a storage group share transaction log files. Therefore, the
circular logging setting applies to one storage group at a time
Description of Circular Logging
In the standard transaction logging used by Exchange 2000 Server, each database transaction in a
storage group is written to a log file and then to the database. When a log file reaches a certain
size, it is renamed and a new log file is created. Over time, this results in a set of a log files. If
there is a crash, you can recover the transactions by replaying the data from these log files into
the database.
Circular logging overwrites and reuses the first log file after the data it contains has been written
to the database. In Exchange 2000 Server, circular logging is disabled by default. By enabling it,
you reduce drive storage space requirements, but without complete transaction log files, you
cannot recover anything more recent than the last full backup. Therefore, in a normal production
environment, circular logging is not recommended.
How to Enable or Disable Circular Logging
Exchange 2000 Server supports multiple databases and storage groups on the same server. You
can create up to four storage groups on a server and each storage group can contain up to five
databases, for a maximum of 20 databases on a single server. Each storage group is controlled by
a separate instance of the Extensible Storage Engine (ESE). Therefore, each storage group shares
the same set of log files. As a result, circular logging is enabled or disabled for a particular
storage group, not for a particular database.
To enable or disable circular logging:
1. Click Start, point to Programs, point to Microsoft Exchange, and then click System
Manager.
2. If the Administrative Groups branch exists in the left pane, expand it, expand the
appropriate administrative group's branch, expand the Servers branch, and then expand
the appropriate server's branch. If the Administrative Groups branch does not exist,
expand the Servers branch in the left pane, and then expand the appropriate server's
branch. To expand a branch, double-click the branch or click the plus sign (+) to the left
of the branch.
3. Right-click the storage group you want, and then click Properties.
4. To enable circular logging, click to select the Enable circular logging check box, and then
click OK. When you are prompted to continue, click Yes.
To disable circular logging, click to clear the Enable circular logging check box, and then click
OK.
5. Restart the information store. To do so:
a. Click Start, point to Programs, point to Administrative Tools, and then click
Services.
b. Click Microsoft Exchange Information Store in the right pane, and then on the
Action menu, click Restart. If a dialog box appears stating that additional services
will be restarted, click Yes.
Note The information store must be restarted because when it starts, it reads configuration
�
information from Microsoft Windows 2000 Active Directory. The Active Directory attribute
associated with the circular logging setting is called MSExchESEParamCircularLog. When
circular logging is enabled, this attribute is set to 1. When circular logging is disabled, it is set to
0.
Final Preparation
After completing the previous steps, you must uninstall (remove) any virus-scanning software,
backup software, or other third-party products or their agents from these systems. Exchange 2000
Setup may fail if these are still operational during the upgrade.
Note You also need to find replacements for these software applications that are compatible with
Exchange 2000
Reference
Exchange 2000 Server Resource Kit
Chapter 10 -Preparing an Existing Environment
Exchange 2000 upgrade series
Chapter 5 -Upgrading Exchange Server 5.5 to Exchange 2000 Server
QUESTION 10
You need to deploy Exchange 2000 Server on a cluster. You install Exchange 2000 Server
on the first Server node that has the Windows 2000 cluster service installed. What should
you do next?
A. Create mailboxes and then start using the first Server node in production.
When clustering is required, install Exchange 2000 Server on the second Server node
that has hardware identical to that of the first Server node.
B. Create an Exchange virtual Server on this node.
Create mailboxes and then start using the first Server node in production.
When clustering is required, install Exchange 2000 Server on the second Server node
that has hardware identical to that of the first Server node.
Create an Exchange virtual Server on the second node.
Create mailboxes and then start using the second Server node in production.
C. Install Exchange 2000 Server on the second Server node in the cluster.
Create an Exchange virtual Server on each Server node.
Create mailboxes on each node, and then start using the clustered Servers in
production.
D. Install Exchange 2000 Server on the second Server node in the cluster.
Create storage groups and mailboxes, and then start using the clustered servers in
production.
Answer: C
Explanation
After install Exchange on the first cluster node you will need to configure the second node to
provide failover capacities active/passive or active/active configuration
Reference
XADM: How to Add an Exchange 2000 Virtual Server to a Cluster Server 293510
HOW TO: Implement Exchange 2000 Server on a Windows 2000-Based Cluster 328875
QUESTION 11
How should you design a recovery solution that fulfills the archiving requirements?
A. Ensure that circular logging is enabled on all servers. When a restore is required,
perform the following steps:
? Restore the storage group that contains the information store that must be
recovered.
? Mount the information store.
? Re-create the index for the information store if required.
B. Ensure that circular logging is enabled on all servers. When a restore is required,
perform the following steps:
? Restore the storage group that contains the information store and the index that
must be recovered.
? Mount the information store and the index.
C. Ensure that circular logging is disabled on all servers. When a restore is required,
perform the following steps:
? Restore the information store that must be recovered.
? Mount the information store, and replay the transaction logs.
? Re-create the index for the information store if required.
D. Ensure that circular logging is disabled on all servers. When a restore is required,
perform the following steps:
? Restore the information store and the index that must be recovered.
? Mount the information store and the index, and replay the transaction logs.
Answer: C
Explanation
Determine whether or not circular logging is enabled for the storage group. You do not need to
disable circular logging to perform offline backups. However, you must disable circular logging
if you want to replay transaction logs into restored offline backups. To successfully replay
transaction logs, you must restore database files (.edb and .stm) to the same path locations from
which the files were backed up.
There is currently no method other than online backup to verify the checksums for each page of
an .stm file. The .stm file contains raw data. All of the indexes and pointers that organize that data
are in the .edb file. A problem in the .stm file causes some specific client data loss, but does not
compromise the structural or logical integrity of the database as a whole
Incorrect Answers
A is wrong they have circular logging enabled
B is wrong they have circular logging enabled
C they are mounting the store and recreating indexing after that
Reference
.
XADM: How Log Files Are Replayed During Exchange 2000 Server Restore Procedure
232922
.
XADM: How to Restore an Information Store Database to a Server That Resides in the
Same Active Directory Forest 324127
.
How to Back Up and Restore an Exchange Computer by Using the Windows Backup
�
Program 258243
.
Offline Backup and Restoration Procedures for Exchange 296788
QUESTION 12
What should be backed up to meet the goals of the technology specialist? (Choose two)
A. All of the Exchange 2000
B. All of the Windows 2000
C. All storage groups and databases
D. IIS Metabase
E. System State
F. Windows 2000 Active Directory
G. The complete contents of each server backed up offline.
Answer: C, E
Explanation
To get a full disaster recovery we need to select three options but just permit to select two.
This is one of the questions that may be market for comments
In this way we select system state and All storage groups and databases
These include the following:
.
Active Directory (on domain controllers)
.
The system volume (on domain controllers)
.
The Internet Information Services (IIS) metabase (Exchange 2000 Server uses IIS to
transport messages using the Simple Mail Transfer Protocol (SMTP).
.
The boot files
.
The COM+ class registration database
.
The registry
.
Certificate Server (if it's running on your system)
.
Exchange 2000 Server storage groups
They tell us
Technology Specialist:
The technology specialist who is responsible for the exchange server computers wants to meet
these objectives:
.
The design should minimize total disk space requirements by maximizing single-instance
storage.
.
Only the essential items that are needed to perform a complete mailbox server recovery
should be backed up to tape on a nightly basis.
.
The design must protect against message storms and the misuse of distribution groups.
Reference
Exchange 2000 Server Disaster Recovery: Worst-Case Survival Handbook
Case Study #5, A Datum Corporation
Introduction:
You are hired to provide services in design and deployment for A Datum Corporation. You need
�
to evaluate the company's existing messaging infrastructure, access current and future business
needs and design and deploy exchange 2000 server in the company's environment.
Background:
Company Profile:
A Datum Corporation is one of the largest manufacturers of automotive parts in the world. The
company consistently places emphasis on producing quality products and keeping overhead costs
as low as possible. The company sets its products exclusively through 125 distributors.
Company headquarters is located in Los Angeles. The company has a total of 30,000 employees.
Office locations and number of employees are shown in the list:
Location Employees
Brisbane 2,100
Hong Kong 200
Jakarta 80
London 2,000
Los Angeles 20,000
Mexico City 720
Munich 2,200
Paris 2,500
Tokyo 125
Toronto 75
Business Plan:
The business of A Datum Corporation is to design, develop, and produce high-quality automotive
parts. The company has a large engineering group that is producing parts for both the newest
automobile models and the rarest automobiles.
Existing IT Environment:
Network Diagram:
The network diagram is shown in the exhibit. Click the exhibit button.
Chief Information Officer (CIO):
Our current IT environment is fairly up-to-date and is working reliably. However, we want to use
exchange 2000 server to provide easier administration and greater efficiency of resources. We
also want t investigate whether the services in exchange 2000 server can be used to increase our
profitability and to provide enhanced services to our employees.
�
Our manufacturing environment operates in two shifts per day, seven days a week. We must
provide a reliable computing environment for messaging, data sharing, and assembling line
documentation and work orders. We want to find new ways to enhance productivity on the
assembly line and also want to provide new communication channels from the assembly-line
workers to managers and design engineers.
Director of IT:
Our environment consists of a Microsoft windows 2000 active directory network. All client
computers on the network run windows 2000 professional. We have an exchange server 5.5
messaging system for the entire list:
.
Brisbane
.
Hong Kong
.
Jakarta
.
Tokyo
Deployment is planned in the offices in this order:
.
Los Angeles
.
Paris
.
Brisbane
.
Mexico city
.
Toronto
.
Hong Kong
.
Jakarta
.
London
.
Munich
.
Tokyo
After completing the upgrades, we want to change the native mode immediately.
We hire temporary employees during periods of peak demand. For temporary employees, I want
to limit the mailbox to 25MB, and I want to keep the mailbox backups for one year.
I want to provide company exclusives with access to their e-mail from their home offices, but I
do not want our technical support staff to provide equipment or install special software on these
home computers.
I want to maximize the connectivity between our offices and ensure that our mail is replicated as
efficiently as possible. Public fold are not used.
Our migration plan must allow for coexistence during the entire upgrade process.
Messaging System:
The current exchange server 5.5 environment has been divided into six exchange server 5.5 sites.
.
The Los Angeles site contains the Los Angeles and Mexico City Offices.
.
The Paris site contains the London, Munich, and Paris offices.
.
The Brisbane, Hong Kong, Jakarta, and Tokyo sites each contain only their own offices.
Users in the Tokyo office use an exchange 2000 server computer in the Los Angeles office to
store their mailboxes.
There are permanent employees, company executives, engineers, and temporary employees in all
offices.
Hardware:
These benchmarks were achieved when exchange 2000 server was tested on the physical
hardware configurations:
.
Each exchange 2000 server computer can support 3,000 users
.
Each exchange 2000 server computer can generate approximately 45 global catalog
queries per second.
The global catalog server configuration can support 140 queries per second
Questions, Case Study #5, A Datum Corporation
QUESTION 1
You are designing the routing infrastructure for the Exchange 2000 Server implementation.
What should you do on the Exchange 2000 Server computers?
A. Install the Internet Authentication Services.
B. Install and use the Key Management Service (KMS).
C. Configure the servers to require Transport Layer Security (TLS).
D. Configure the TCP/IP settings on the servers to require IPSec.
Answer: D
Explanation
We can provide a reliable computing environment for messaging, data sharing, and assembling
line documentation and work orders. Implementing IPSEC communications for Exchange servers
IPSEC Protection against attacks
IPSec protects data so that an attacker finds it extremely difficult or impossible to interpret it. The
level of protection provided is determined by the strength of the security levels specified in your
IPSec policy structure.
IPSec has a number of features that significantly reduce or prevent the following attacks:
.
Sniffers (lack of confidentiality)
The Encapsulating Security Payload (ESP) protocol in IPSec provides data confidentiality by
encrypting the payload of IP packets.
.
Data modification
IPSec uses cryptography-based keys, shared only by the sending and receiving computers, to
create a cryptographic checksum for each IP packet. Any modification to the packet data alters
the checksum, which indicates to the receiving computer that the packet was modified in transit.
.
Identity spoofing, password-based, and application-layer attacks
IPSec allows the exchange and verification of identities without exposing that information to
interpretation by an attacker. Mutual verification (authentication) is used to establish trust
between the communicating systems and only trusted systems can communicate with each other.
After identities are established, IPSec uses cryptography-based keys, shared only by the sending
and receiving computers, to create a cryptographic checksum for each IP packet. The
cryptographic checksum ensures that only the computers that have knowledge of the keys could
have sent each packet.
.
Man-in-the-middle attacks
IPSec combines mutual authentication with shared, cryptography-based keys.
.
Denial-of-service attacks
IPSec uses IP packet filtering methodology as the basis for determining whether communication
is allowed, secured, or blocked, according to the IP address ranges, IP protocols, or even specific
TCP and UDP ports.
They tell us
�
I want to provide company exclusives with access to their e-mail from their home offices, but I
do not want our technical support staff to provide equipment or install special software on these
home computers.
We must provide a reliable computing environment for messaging, data sharing, and assembling
line documentation and work orders.
QUESTION 2
You are designing global catalog Server configuration for the Los Angeles office. How many
global catalog servers should you implement?
A. one
B. two
C. three
D. four
Answer: C
Explanation
The Los Angeles site contains the Los Angeles Toronto, and Mexico City Offices and theirs
user's number is
Los Angeles 20,000 Mexico city 720 and Toronto 75 users
They have a 384 Frame relay connections
Also we must take care that they are planning Exchange in Los Angeles, Mexico and Toronto
In that way best consideration is three CG to support Exchange Directory queries
AD sites Plus Exchange Placement
QUESTION 3
What is the maximum number of mailbox stores needed for the Brisbane office?
A. one
B. two
C. three
D. four
E. five
�
Answer: D
Explanation
They have 2100 users in Brisbane
But the trick here is that they also have three more sites here, Hong Kong, Jakarta and Tokyo
And they tell us that exchange will be deployed in those sites. In this situation you need four
mailbox servers.
QUESTION 4
You are designing Exchange 2000 Server configuration for the Los Angeles office. How
many Exchange 2000 mailbox Servers should you implement?
A. one
B. two
C. three
D. four
E. five
F. six
G. seven
H. eight
Answer: G
Explanation
The Los Angeles site contains the Los Angeles Toronto, and Mexico City Offices
The current exchange server 5.5 environments have been divided into six exchange server 5.5
sites.
The Los Angeles site contains the Los Angeles and Mexico City Offices.
Los Angeles users are 20,000 plus 720 Mexico users plus 75 Toronto users
20,795 total user's number
They tell us that each Exchange server can support 3.000 users
20,795/3,000= 6,9316, We select a little headroom, in this case we need seven servers
�
QUESTION 5
How should you provide fault tolerance for distribution group expansion and name look-ups for users in the
Toronto office?
A. Ensure that there are two or more global catalog servers in the Toronto office.
B. Ensure that there are two or more domain controllers in the Toronto office domain.
C. Ensure that there are two or more global catalog servers in the same Active Directory
site and domain as the Exchange 2000 Server computer in Los Angeles office.
D. Ensure that there are two or more domain controllers in the same Active Directory site
and the domain as the Exchange 2000 Server computer in Los Angeles computer.
Answer: C
Explanation
To provide fault tolerance we need that exchange queries can be do it to at least two GC, in their
site and their exchange also need to be in the same domain as the AD GC
QUESTION 6
What should you do to minimize the effect of denial-of-service attacks on the Server that is
used by company executives for remote e-mail access?
A. Use two storage groups on the Exchange 2000 Server computer that runs Outlook
Web Access.
B. Place two front-end Exchange 2000 Server computers in an Internet perimeter
network (DMZ).
C. Enable IPSec on the Exchange 2000 Server computer that runs Outlook Web Access.
D. Enable SSL connections on the Exchange 2000 Server computer that runs Outlook
Web Access and place the Server in an Internet perimeter network (DMZ).
Answer: B
Explanation
Basic security an PKI knowledge question. We have a NLB cluster Server in our perimeter
network. This mean that external users are accessing to our OWA site over SSL. Although we
can use MS certificate services to secure our Web server. This certificates need to be distributed
to any client in order to avoid the typical error. Avoid ROOT authority unknown. In this way we
will need to obtain just one certificate for our NLB cluster and put the same certificate in each
Web server that are in the cluster.
IPSEC Protection against attacks
IPSec protects data so that an attacker finds it extremely difficult or impossible to interpret it. The
level of protection provided is determined by the strength of the security levels specified in your
IPSec policy structure.
IPSec has a number of features that significantly reduce or prevent the following attacks:
.
Sniffers (lack of confidentiality)
The Encapsulating Security Payload (ESP) protocol in IPSec provides data confidentiality by
encrypting the payload of IP packets.
.
Data modification
�
IPSec uses cryptography-based keys, shared only by the sending and receiving computers, to
create a cryptographic checksum for each IP packet. Any modification to the packet data alters
the checksum, which indicates to the receiving computer that the packet was modified in transit.
.
Identity spoofing, password-based, and application-layer attacks
IPSec allows the exchange and verification of identities without exposing that information to
interpretation by an attacker. Mutual verification (authentication) is used to establish trust
between the communicating systems and only trusted systems can communicate with each other.
After identities are established, IPSec uses cryptography-based keys, shared only by the sending
and receiving computers, to create a cryptographic checksum for each IP packet. The
cryptographic checksum ensures that only the computers that have knowledge of the keys could
have sent each packet.
.
Man-in-the-middle attacks
IPSec combines mutual authentication with shared, cryptography-based keys.
.
Denial-of-service attacks
IPSec uses IP packet filtering methodology as the basis for determining whether communication
is allowed, secured, or blocked, according to the IP address ranges, IP protocols, or even specific
TCP and UDP ports.
Microsoft network client: Digitally sign communications (always)Description
This security setting determines whether packet signing is required by the SMB client
component.
The server message block (SMB) protocol provides the basis for Microsoft file and print sharing
and many other networking operations, such as remote Windows administration. To prevent maninthe-
middle attacks that modify SMB packets in transit, the SMB protocol supports the digital
signing of SMB packets. This policy setting determines whether SMB packet signing must be
negotiated before further communication with an SMB server is permitted.
�
Using NTLMv2 helps eliminate man-in-the-middle attacks
A security attack in which an attacker intercepts and possibly modifies data that is transmitted
between two users. The attacker pretends to be the other person to each user. In a successful maninthe-
middle attack, the users are unaware that there is an attacker between them, intercepting
and modifying their data. Also referred to as a bucket brigade attack.in which an attacker tries to
force authentication using the less secure Lan Manager (LM) Authentication protocol.
Reference
Windows 2000 Server Help
Exchange Server 2000 Resource KIT
Exchange server help
How to Configure Certificate Server for Use with SSL on IIS KB 218445
HOW TO: Load Balance a Web Server Farm Using One SSL Certificate in IIS KB 313299
QUESTION 7
How should you design the Exchange 2000 Server administrative groups in native mode?
A. Use one administrative group that contains all of the Exchange 2000 Server computers
for all the offices. Delegate appropriate permissions to the technical support staff on
the Paris and Brisbane office.
B. Use three administrative groups, one each for the office in Brisbane, Los Angeles and
Paris. Configure each group to include the servers that are administered by that office.
C. Use six administrative groups one for the Los Angeles and Mexico City offices and
one for London, Paris and Munich offices and one each for Brisbane, Hong Kong,
Jakarta and Tokyo offices.
D. Use nine administrative groups one each for the offices in Brisbane, Hong Kong,
Jakarta, London, Los Angeles, Mexico City, Munich, Paris and Tokyo.
Answer: B
Explanation
They have not special administrative requirements also their Actual Messaging System is:
.
The Los Angeles site contains the Los Angeles and Mexico City Offices.
.
The Paris site contains the London, Munich, and Paris offices.
.
The Brisbane, Hong Kong, Jakarta, and Tokyo sites each contain only their own offices.
In this way the best answer is B
QUESTION 8
Which two actions should you perform to allow users in the Toronto office to use an SMTP
domain address of adatum.ca? (Choose Two)?
A. Place a global catalog server in the Toronto organizational Unit (OU)
B. Create a recipient policy that is filtered for the Toronto users.
C. Create a group policy for the Toronto Organizational Unit (OU)
D. Reconfigure the Recipient Update service for the Toronto Organizational Unit (OU)
E. On the external DNS server, create an MX record for the Toronto Domain.
F. ON the external Dns server, Create an SRV record for the exchange for the exchange
2000 server computer in the LOSANGELES office.
Answer: B, E
Explanation
We can get this by apply a recipient smtp policy to Toronto mailbox store users, also we will
need a MX record for that domain, to permit to exchange to routing the mail follow to the
adequate recipient
Reference
XIMS: How to Receive Messages for Two SMTP Domains Using Exchange 2000 289833
QUESTION 9
Which action or actions should you perform to maximize security on the server that is used
by company executives for remote e-mail access? (Choose all that apply)?
A. Use Ipsec to encrypt traffic on port 25
B. Use Ipsec to encrypt traffic on port 80
C. Use the internet authentication service
D. Use digital certificates on client computers
E. Require SSL connections on the front end server
F. Place a front end server outside the internet firewall.
Answer: D, E
Explanation
We need to use certificates, to communicate with Exchange over a PKI infrastructure using SSL
certificates in that way we need, D and E, most secure way.
We can communicate with SLL to an OWA server with just a Certificate in the server part or
better with a server part that ask for a user for certificate.
