These questions are derived from the Self Test Software Practice Test for Microsoft exam #70-284 – Implementing and Managing Microsoft Exchange Server 2003
Objective: Managing Security in the Exchange Environment
SubObjective: Manage audit settings and audit logs
Single Answer, Multiple Choice
Your company uses Exchange 2003 as its messaging system. The Exchange organization contains five Exchange Server 2003 computers. You are an Exchange administrator for your company. Messaging services are very important for the company’s normal operation, and you must ensure that only authorized personnel have access to the Exchange servers. If anyone tampers with Exchange services on the Exchange servers, you want to have evidence of such events in the security logs.
Which of the following should you do?
- Enable auditing of logon events on the Exchange servers
- On each Exchange server, configure diagnostics logging for all Exchange services.
- Periodically review the system log on each Exchange server. Define a filter to isolate all events that are related to the starting and stopping of Exchange services.
- Periodically review the application log on each Exchange server. Define a filter to isolate all events that are related to the starting and stopping of Exchange services.
A.. Enable auditing of logon events on the Exchange servers
The scenario requires that you collect evidence of possible tampering with Exchange services in the security logs. A Windows security log contains records of security-related events, such as…
Please log in or subscribe to read this article