PdfPrep.com

How should you configure the DNS record?

Topic 9, Contoso, Ltd (Case Study A)

Background

Contoso, Ltd. is a global manufacturing company with headquarters in Dallas. All sales users are located at the headquarters. Currently all Contoso, Ltd. users use the following on-premises services:

 -Microsoft Exchange Server 2016

 -Microsoft Skype for Business Server 2015

 -Active Directory Domain Services (AD DS) domain for contoso.com

Many temporary workers are hired and terminated on a regular basis at the Dallas location, Contoso, Ltd. purchases two other manufacturing companies, Fabrikam, Inc. and ADatum Corporation. Fabrikam, Inc. is based in London. Fabrikam, Inc. has an on-premises third-party email system that uses @fabrikam.com for all email addresses. Fabrikam, Inc. does not have an Active Directory domain.

ADatum Corporation is based in Paris. The company is in the process of migrating users to Exchange Online. They plan to migrate users to Microsoft OneDrive for Business for file storage and sharing. All ADatum Corporation account identities will be cloud based.

You deploy Microsoft Office 2016 client apps to all corporate devices.

In preparation for the deployment of Office 365 services, you set up the latest version of Azure Active Directory (Azure AD) Connect for the contoso.com domain. The application runs on Server1.contoso.com and uses a Microsoft SQL Server database instance that runs on Server2.contoso.com. The sync schedule is configured to synchronize every two hours.

You purchase the following four servers for future needs: Server3, Server4, Server5, and Server6. All new servers for the contoso.com domain must run Windows Server 2012 R2.

Business Requirements

Contoso, Ltd. users must be able to store and share personal documents that are accessible from any web browser or mobile device. Fabrikam, Inc. users must be able to send individual instant messages as well as use group chat workspaces.

Office 365

New services should be implemented in Office 365 when possible. There is also a strong push to move existing services to Office 365, but there is currently no money in the budget for data migration. The least expensive Office 365 plan must be used whenever possible.

Password policies

You must implement the following password policies for ADatum Corporation users.

Contoso Sync

You receive reports that new users are not granted access to Office 365 resources fast enough. You must ensure that new accounts are provisioned as quickly as possible.

You observe that the accounts for many temporary workers have not been deprovisioned correctly. You need to ensure terminated users have their access and accounts removed. You must ensure that up to 1,000 accounts can be deleted correctly during each Azure AD Connect sync cycle. You must ensure that deletions of over 1,000 accounts at a time cannot occur.

Single Sign-On

Contoso.com users need to start using sign-on (SSO) for Office 365 resources so they can authenticate against the on-premises Active Directory. Any solution needs to be redundant. Any Internet-facing servers need to reside in the perimeter network.

Problem Statements

Authentication Fallback

Sales users report that they were not able to access any Office 365 resources. Contoso.com users must be able to access Office 365 resources if the on-premises authentication resources are down or unavailable. You also need to quickly resume SSO authentication when on-premises servers are available again.

ADatum Corporation users report issues sending and receiving emails. Some business partners report that emails from ADatum Corporation are rejected because the receiving server cannot validate that emails come from an authorized messaging server.

HOTSPOT

You need to create a DNS record to resolve the email issues for ADatum Corporation users.

How should you configure the DNS record? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Answer:

Explanation:

MX (mail exchanger) records offer an simple way for mail servers to know where to send email. If you want Office 365 to receive all email addressed to anyone@contoso.com, the MX record for contoso.com should point to Office 365, and it will look like the following example:

Hostname: contoso-com.mail.protection.outlook.com

Priority: 0

TTL: 1 hour

Explanation:

https://support.office.com/en-us/article/Create-DNS-records-at-Register365-for-Office-365-004030b4-10ad-4026-96e7-011b6afc7e73#bkmk_add_mx

https://technet.microsoft.com/en-us/library/jj937232(v=exchg.150).aspx

Exit mobile version