1.What parameters that the default throttling policy contains?
- DiscoveryMaxConcurrency: The maximum number of In-Place eDiscovery searches a user can perform concurrently;
- DiscoveryMaxMailboxes: The maximum number of mailboxes that can be searched in a single In-Place eDiscovery search. Public folder mailboxes are also counted against the source mailbox limit;
- DiscoveryMaxStatsSearchMailboxes: The maximum number of mailboxes that can be searched in a single In-Place eDiscovery search that still allows us to view keyword statistics;
- DiscoveryMaxKeywords: The maximum number of keywords that can be specified in a single In-Place eDiscovery search;
- DiscoveryPreviewSearchResultsPageSize: The maximum number of items displayed on a single page when previewing In-Place eDiscovery search results;
- DiscoverySearchTimeoutPeriod: The number of minutes that an In-Place eDiscovery search will run before it times out.
2.How the retention tags and the retention policies are used in the overall MRM strategy?
- Assigning retention policy tags (RPTs) to default folders, such as the Inbox and Deleted Items;
- Applying default policy tags (DPTs) to mailboxes to manage the retention of all untagged items;
- Allowing the user to assign personal tags to custom folders and individual items;
- Separating MRM functionality from users’ Inbox management and filing habits. Users aren’t required to file messages in managed folders based on retention requirements. Individual messages can have a different retention tag than the one applied to the folder in which they’re located.
3.What are the retention actions for retention tags?
- Move to archive (only available for DPTs and personal tags);
- Delete and allow recovery;
- Permanently delete.
4.What retention tags that a retention policy can have?
- Default policy tag (DPT):
- One DPT with the Move to archive action;
- One DPT with the Delete and allow Recovery or Permanently delete actions;
- One DPT for voice mail messages with the Delete and allow recovery or Permanently delete action.
- Retention policy tags (RPTs):
- One RPT for each supported default folder.
- Personal tags:
- Any number of personal tags.
5.What can we do with administrator audit logging?
We can use administrator audit logging in Exchange Server to log when a user or administrator makes change in our organization.
6.What gets audited?
- Cmdlets that are run directly in the Exchange Management Shell are audited. In addition, operations performed using the Exchange admin center (EAC) are also logged because those operations run cmdlets in the background;
- Cmdlets, regardless of where they’re run, are audited if a cmdlet is on the cmdlet auditing list and one or more parameters on that cmdlet are on the parameter auditing list.
7.How to configure audit logging?
Using the Set-AdminAuditLogConfig Cmdlet.
8.How to specify what cmdlet we wat to log?
Using the Set-AdminAuditLogConfig Cmdlet with the parameter of AdminAuditLogCmdlets.
9.How to specify what Parameters we wat to log?
Using the Set-AdminAuditLogConfig Cmdlet with the parameter of AdminAuditLogParameters.
10.How to change the audit log age limit ?
Using the Set-AdminAuditLogConfig Cmdlet with the parameter of AdminAuditLogAgeLimit.