What should you recommend for each certificate?

– by 1

HOTSPOT
You deploy an Exchange Server 2016 organization. The organization contains two servers. The servers are configured as shown in the following table.


The default self-signed certificates are installed on both servers.
All of the users in the organization work from home and from customer locations.
You purchase a Layer 7 hardware-based load balancer. You configure SSL bridging without session affinity for Outlook on the web connections. The load balancer has an internal fully qualified domain name (FQDN) of lb1.contoso.local.
DNS servers are configured to resolve mail.contoso.com names to the external IP address of the load balancer.
You need to recommend which names must be included in the certificates installed on the load balancers and the Exchange servers.
What should you recommend for each certificate? To answer, select the appropriate options in the answer area.
Hot Area:


microsoft-exams

One thought on “What should you recommend for each certificate?

  1. mail.contoso.com
    ex01.contoso.local
    ex02.contoso.local
    Stated in the technet article: SSL should terminate at the load balancer as this offers a centralized place to correct SSL attacks. So a certificate is not needed from a global provider for the Exchange servers.
    First answer is mail.contoso.com
    The question states The default self-signed certificates are installed on both servers.
    So not needing SSL on the servers because the Layer 7 load balancer handles all SSL request and the servers have the default self-signed certificates.
    ex01.contoso.local
    ex02.contoso.local
    https://technet.microsoft.com/en-us/library/jj898588(v=exchg.160)

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.