ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-203 All Questions

View all questions & answers for the MS-203 exam
Go to Exam

Exam MS-203 topic 2 question 28 discussion

Actual exam question from Microsoft's MS-203
Question #: 28
Topic #: 2
[All MS-203 Questions]

HOTSPOT -
You have a Microsoft Exchange Online tenant named contoso.com.
Email messages from a remote domain named fabrikam.com are received from a server that uses a wildcard certificate for fabrikam.com and are encrypted by using TLS.
Fabrikam.com is switching to a third-party cloud filtering service for inbound and outbound email. The IP address used by the third-party service is
131.107.200.10.
You need to reconfigure the connector to only accept messages from fabrikam.com that are encrypted and received from the third-party service.
Which two settings should you modify for the connector? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/exchange/mail-flow-best-practices/use-connectors-to-configure-mail-flow/set-up-connectors-for-secure-mail-flow-with-a-partner
by Exchangist at Sept. 30, 2021, 9:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
learnerearner
Highly Voted 2 years, 5 months ago
So basically, add the IP address and remove the wildcard certificate option ?
upvoted 10 times
...
Amir1909
Most Recent 6 months, 2 weeks ago
Correct
upvoted 1 times
...
MarkusSan
1 year, 4 months ago
1.st Box is correct 2.nd Box should be the "+" sign to add the IP from the 3rd Party!
upvoted 2 times
...
SkyGurl
2 years, 2 months ago
3/24/2022 - on the exam
upvoted 3 times
...
gta33578
2 years, 6 months ago
on exam 11-27-21
upvoted 3 times
...
SCT
2 years, 7 months ago
Answer is correct
upvoted 2 times
...
Alexandersss
2 years, 8 months ago
in fact, could someone explain the answer in more detail?
upvoted 1 times
morito
2 years, 7 months ago
I'll try. Given best practises, you should never send a Wildcard certificate to any external it service partner. What should be done is they send a certificate with a scoped SAN Name, which will require to specify the exact subdomain in the settings for TLS. Therefore, that setting must be changed as well.
upvoted 2 times
...
...
Exchangist
2 years, 8 months ago
Hmm...can anyone provide a more detailed explanation for the choice of these answers?
upvoted 3 times
morito
2 years, 7 months ago
I'll try. Given best practises, you should never send a Wildcard certificate to any external it service partner. What should be done is they send a certificate with a scoped SAN Name, which will require to specify the exact subdomain in the settings for TLS. Therefore, that setting must be changed as well.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel