Exam MS-101 topic 3 question 33 discussion

YNN - https://docs.microsoft.com/en-us/Exchange/policy-and-compliance/mailbox-audit-logging/enable-or-disable?view=exchserver-2019 Caution Auditing of mailbox owner actions can generate a large number of mailbox audit log entries and is therefore disabled by default. We recommend that you only enable auditing of specific owner actions needed to meet business or compliance requirements.

YNY ..LAST ITEM IS YES. https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwide Look at the table for COLUMN OWNER, and it is log for mailbox login

By default, only non-owner mailbox audit logging is enabled, and owner mailbox audit logging is disabled. If you have to perform owner mailbox audit logging to investigate a specific issue, you can temporarily enable the process for a two-week period.

Based on the link below, the answer is YNN. https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwide

From the reference URL: When you configure a user or computer account to bypass mailbox audit logging, access or actions taken by the user or computer account to any mailbox isn't logged. So whatever User1 is doing in User2's mailbox won't be logged. User2, and User3, will be audited. I say the answers are N, Y, Y.

https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwide is the right link but:" A check mark (Check mark.) indicates the mailbox action CAN be logged for the logon type." This means it is not logged by default as an asterisk: " An asterisk ( * ) after the check mark indicates the mailbox action is logged by default for the logon type." Login to thier onwn mailbox is not audit by default. YNN

Answer is correct Y-N-Y Starting in January 2019, Microsoft is turning on mailbox audit logging by default for all organizations. ...actions performed by mailbox owners, delegates, and admins are automatically logged, and the corresponding mailbox audit records will be available when you search for them in the mailbox audit log. https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwide When you configure a user or computer account to bypass mailbox audit logging, access or actions taken by the user or computer account to any mailbox isn't logged https://docs.microsoft.com/en-us/powershell/module/exchange/set-mailboxauditbypassassociation?view=exchange-ps

By default. owner audit logging is not turned on. It should only be used if you have to investigate an action by the owner of the mailbox. It should be used for a limited time period, approximately two weeks. This is because the audit log entries are stored in the mailbox, and this may cause the mailbox dumpster to exceed the size limit. https://docs.microsoft.com/en-us/office365/troubleshoot/audit-logs/mailbox-audit-logs

YNN. Owner actions by default are not audited, so User 3 signing in to her mailbox is not audited.

When you configure a user or computer account to bypass mailbox audit logging, access or actions taken by the user or computer account to any mailbox isn't logged. By bypassing trusted user or computer accounts that need to access mailboxes frequently, you can reduce the noise in mailbox audit logs. https://docs.microsoft.com/en-us/powershell/module/exchange/set-mailboxauditbypassassociation?view=exchange-ps Answer is correct

I thing given answer is correct

Since they went through the work of turning off Auditing I'd assume they have turned on auditing for exchange all users manually or with E5 licensing so... Y-N-Y https://docs.microsoft.com/en-us/microsoft-365/compliance/enable-mailbox-auditing?view=o365-worldwide#more-information

User 3 is kinda unclear, in a few other question its stated that Mailbox Login is only audited with E5, the Question doesnt Mention the currently used License. so User3 could be either Yes or No

Answer and reference seem correct.