chap 9
You manage a network with Windows clients, multiple subnets, and Windows DNS servers. You want to be able to resolve a host name for a server on your network to its IPv4 address. What should you do?
Add an A record on the DNS server.
Which of the following DNS components automatically creates and deletes host records when an IP address lease is created or released?
Dynamic DNS
Your Active Directory network uses the internal DNS namespace private.westsim.com. Several other Active Directory domains also exist, which are children to the private.westsim.com domain. On the Internet, your company uses westsim.com for its public domain name. Your company manages its own DNS servers that are authoritative for the westsim.com zone. The private.westsim.com zone has been delegated to your company's Active Directory domain controllers, which are also DNS servers. Computers that are members of the private.westsim.com domain and all child domains must be able to resolve DNS names of Internet resources. However, to help secure your network, DNS queries for resources in the private.westsim.com domain and all child domains must never be sent to Internet DNS servers. Queries for Internet names must go first to your public DNS server that is authoritative for the westsim.com domain. You need to configure your company's DNS servers to meet these requirements. What should you do? (Choose two. Each correct choice is part of the solution.)
Delete root hints to Internet DNS servers on all DNS servers that are authoritative for the private.westsim.com zone or any child zone. On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a forwarders list. Forward to DNS servers that are authoritative for the parent zone.
You are a network engineer working for WestSim Corporation. The company has an Internet domain named westsim.com. The private network uses the namespace of private.westsim.com. Your company manages its own Domain Name System (DNS) servers that are authoritative for both of the company's name spaces. Your network consists of several subnets at multiple locations. Sites are connected with WAN links. www.private.westsim.com is an intranet web server that is commonly used throughout the company. You want to ensure that users can always access this server by name, even if an authoritative DNS server is not available. What should you do?
Configure each client computer's HOSTS file with an entry for www.private.westsim.com.
You are system administrator with hundreds of host workstations to manage and maintain. You need to enable hosts on your network to find the IP addresses of alphanumeric host names such as srv1.myserver.com. Which of the following would you
DNS server
The image shows the current scavenging settings for the eastsim.com domain. As you check records in the zone you find several records that have not been updated for 16 days or longer. You need to make sure that records are automatically removed if they have not been updated in the last 14 days. What should you do?
Enable automatic scavenging on the zone
You manage a company network with a single Active Directory domain running on two domain controllers. The two domain controllers are also DNS servers, and hold an Active Directory integrated copy of the zone used on the private network. The network has five subnets, with DHCP servers delivering IP address and other configuration to host computers. All host computers run Windows 7. You want to ensure that all client computers use the DNS server for DNS hostname resolution. Hosts should not be able to automatically discover DNS hostnames, even for computers on their own subnet. What should you do?
Edit the default domain group policy object (GPO). Enable the Turn off Multicast Name Resolution policy.
After reconfiguring the static address of an internal web server named WEB3, your computer can no longer connect to WEB3. However, other users are still able to connect to the same web server.
ipconfig /displaydns
You are visiting one of your company's branch offices to set up a new server and complete some general server management tasks. Employees in the branch office tell you they have been experiencing intermittent issues accessing a server in the home office. You send ICMP requests to the server at the home office from a workstation at the branch office using ping with the -t option. As it continues to send ping requests and receive replies, you find that the ping request times out every few minutes. You suspect that one of the routers between the branch office and the home office may be experiencing issues. Which troubleshooting tool can you use from a Windows workstation to see a map of the routers between the branch office and the home office?
tracert
You are setting up a new network in a single location with a single domain named eastsim.com. All servers run Windows Server 2012 R2, and all clients run Windows 8. You install a DHCP server and configure it with a scope for the single subnet. You install a DNS server with a primary zone for the domain. You want to use dynamic updates DNS records in the zone automatically. What should you do?
Enable dynamic updates on the eastsim.com zone.
Listed below are several DNS record types. Drag the record type on the left the appropriate function on the right.
Provides alternate names to hosts that already have a host record. CNAME Points an IP address to a host name. PTR Points a host name to an IPv6 address. AAAA Points a host name to an IPv4 address. A Identifies servers that can be used to deliver mail MX
The serial number contained within the Start of Authority (SOA) record for a DNS zone on the primary server has been incremented. What condition does this indicate? Information within the DNS zone has been changed, and secondary servers should initiate a zone transfer.
Information within the DNS zone has been changed, and secondary servers should initiate a zone transfer.
You manage the intranet servers for EastSim Corporation. The company network has three domains: eastsim.com, asiapac.eastsim.com, and emea.eastsim.com. The main company website runs on the web1.eastsim.com server with a public IP address of 101.12.155.99. A host record for the server already exists in the eastsim.com zone. You want Internet users to be able to use the URL http://www.eastsim.com to reach the website. What type of DNS record should you create?
CNAME
You are the systems administrator for WestSim Corporation. You have been assigned to set up a new branch office in Tulsa. The branch will be represented by a single domain. You install a single DNS server called TulsaDNS and configure a primary zone for the branch office domain. You test name resolution and find that hosts can only resolve names for hosts within the domain. You need to enable clients in the Tulsa location to resolve names for hosts in other domains within your private network. You would like to minimize traffic across the WAN link between the sites. What should you do?
Configure TulsaDNS to use forwarders.
You are a system administrator for WestSim Corp. As part of new security initiative, the IT department has developed a custom application that reports the host name of all clients that try to access three sensitive servers in the Accounting department. The application has been working fine for the last three months. The company expands and adds a new building with a LAN connection to the rest of the network. This building has its own subnet, 192.168.5.0. You create a scope on an existing DHCP server for this subnet. During a random check of the reporting software, you discover that the application reports only the IP address but not the host name of clients on the new subnet. Everything works as designed for hosts on other subnets. You check the DNS database and find that none of the hosts on that subnet have an associated PTR record. What should you do?
Create a primary reverse lookup zone for subnet 192.168.5.0.
You are the administrator for the corp.westsim.com domain. The network has two child domains, acct.corp.westsim.com and sales.corp.westsim.com. You need to configure DNS name resolution properties on the Srv2.sales.corp.westsim.com server. When a single label name is submitted for name resolution, you want the server to search using the following suffixes: • sales.corp.westsim.com • acct.corp.westsim.com • corp.westsim.com • westsim.com What should you do? Edit the DNS suffix search list policy to configure the custom search suffixes of sales.corp.westsim.com, acct.corp.westsim.com, corp.westsim.com, and westsim.com.
Edit the DNS suffix search list policy to configure the custom search suffixes of sales.corp.westsim.com, acct.corp.westsim.com, corp.westsim.com, and westsim.com.
Your organization's IT department has developed a custom application that reports the host name of each client that tries to access three servers in the accounting department that store sensitive information. You do a random test and find that the program is not reporting the host names for some clients, even though it properly records their IP addresses. This is because the custom application submits reverse lookup requests to the DNS server to discover the host names for the specified IP addresses. As you investigate further, you learn that the clients whose host names could not be reported have static IP addresses and are on subnet 192.168.3.0. What should you do?
Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.
You configured the IP address and DNS name of a new internal web server named WEB3. Your first test from a web browser on your workstation was successful. But when you came to work this morning, you were not able access WEB3 from the same workstation using the same browser. You get an error that this site cannot be reached. You have not changed the server's IP configuration since the successful test of the night before. You ping WEB3 using its IP address, and you get a response back. Next, you ping WEB3 using its fully qualified domain name (FQDN), and you get a message indicating that the host could not be found. What can you assume from this message? Name resolution is not working properly.
Name resolution is not working properly.
The Domain Name service is made up of several components. Drag each component on the left to its appropriate description on the right. (Each component may used once, more than once, or not at all.)
The last part of a domain name (.com, .edu, .gov). -Top-level domain (TDL) Used to store entries for host names, IP addresses, and other information in the zone -Records Also called the root domain, it denotes a fully qualified, unambiguous domain name. -. (dot) domain A DNS server that has a full and complete copy of all the records for a particular domain. -Authoritative server Maps a DNS host name to an IPv4 (32-bit) address. -Records Includes the host name and all domain names separated by periods. -Fully qualified domain name (FQDN)
Which of the following describes an additional domain?
Additional domains are second-level domains with names registered to an individual or organization for use on the Internet.
Matching each zone type on left with corresponding characteristics on the right.
Multiple servers hold read-write copies of the zone data - Active Directory-integrated The only writeable copy of the zone database - Primary A read-only copy of the zone database - Secondary Initiates zone transfers - Secondary The replication scope specifies domain controllers that can received a copy of zone data - Active Directory-intergrated
Drag the DNS term on the left to the appropriate definition on the right. (Each term may be used once, more than once, or not at all.)
Uses the IP address to find the host name (or FQDN). -Reverse lookup Client computers submit a DNS request to the DNS server and wait for a complete response. -Recursion The process by which a DNS server or host uses root name servers and subsequent servers to perform name resolution. -Recursion Uses the hostname (or the FQDN) to find the IP address. -Forward lookup
You are the network administrator for a single domain with three subnets. Two subnets have all Windows 8 computers. The conference room uses the third subnet. Traveling salesman come to the conference room and plug in their laptops to gain network access. You have configured a DHCP server to deliver configuration information to hosts on this subnet. DNS is configured for dynamic updates. Overtime, you notice that the size of the DNS database continues to grow. It is beginning to have an adverse effect on DNS server performance. What should you do?
Enable scavenging of stale resource records on the zone and the DNS server
You are the network manager for the westsim.private domain. The SRV1 server runs all file and print services for the network. In the DNS database, it has an A record that maps srv1.westsim.private to the IP address of 192.168.16.10. You want to create a PTR record that maps the IP address to the hostname. In which zone should you create the record?
16.168.192.in-addr.arpa
You enter the ipconfig /all command and see, as a part of the results, the information shown in the image below. If you enter the nslookup command on this same system, which of the following do you expect to see as the address of the default server?
163.128.80.93
You manage the DNS servers for the eastsim.com domain. You have a domain controller named DC1 that holds an Active Directory-integrated zone for the eastsim.com zone. You would like to configure DC1 to use forwarders and root name servers to resolve all DNS name requests for unknown zones. You edit the DNS server properties for DC1. On the Forwarders tab, you find that the Use root hints if no forwarders are available option is disabled. You also find that the entire Root Hints tab is disabled, and you are unable to add any root hint servers. How can you configure the server to use the Internet root name servers for name resolution?
Delete the zone named . on DC1.
Your company uses westsim.com as its public Internet domain name. Your private network has a single Active Directory domain named westsim.local. All westsim.local authoritative DNS servers are configured to forward DNS requests across a firewall to external westsim.com authoritative DNS servers. Based on your security policy, the westsim.local authoritative DNS servers are not to contact other computers across the firewall. You manage all DNS servers that are authoritative for the westsim.com and westsim.local DNS domains. All client computers are members of the westsim.local Active Directory domain and are configured to use westsim.local authoritative DNS servers. Currently, all DNS servers have a root zone. Also, all DNS servers have the default configured cache.dns file in their %systemroot%\dns folder. Client computers on your network must resolve names in the Internet namespace and names in the westsim.local domain. You need to configure your company's DNS servers to meet these requirements. What should you do? (Select three. Each correct answer is part of the correct solution.) Delete the root zone on all westsim.local authoritative DNS servers. Delete the cache.dns file on all westsim.local authoritative DNS servers. Delete the root zone on all westsim.com authoritative DNS servers
Delete the root zone on all westsim.local authoritative DNS servers. Delete the cache.dns file on all westsim.local authoritative DNS servers. Delete the root zone on all westsim.com authoritative DNS servers
Listed below are several DNS record types. Match the record type on the left with its function on the right. (Record types may be used once or not at all.) Identify a domain controller.
Identify a domain controller.-SRV Identify a mail server -MX Map a host name to an IPv4 address.-A Map an IPv4 address to a host name.-PTR
Your company's Internet namespace is westsim.com, and your company's internal namespace is internal.westsim.com. Your network has two DNS servers, DNS1 and DNS2. DNS1 is configured with a root zone and is authoritative for the internal.westsim.com domain. DNS2 is authoritative for the westsim.com domain. All client computers are members of the internal.westsim.com domain and are configured to use DNS1 as the primary DNS server. Client computers on your internal network cannot resolve Internet DNS names. You verify that client computers can resolve internal DNS names successfully. You also verify that the internal DNS server is configured to forward all unresolvable DNS names to the company's Internet DNS server. You must keep your internal network as secure as possible while making sure that all client computers can resolve Internet DNS names successfully. What should you do?
On DNS1, delete the . zone.
Your network has a single domain named southsim.com. All client computers run Windows 10. DNS data for the domain is stored on the following servers: • DNS1 holds the primary zone for southsim.com. • DNS2 and DNS3 hold secondary zones for southsim.com. All three DNS servers are located on domain controllers. The DNS zone for the domain is configured to allow dynamic updates. You want to allow client computers to send DNS updates to any of the three servers and allow any of the three servers to update DNS records in the zone. What should you do?
On all three servers, change the zone type of the DNS zone to Active Directory-integrated.
You configured the IP address and DNS name of a new internal web server named WEB3. Your first test from a web browser on your workstation was successful. But when you came to work this morning, you were not able access WEB3 from the same workstation using the same browser. You get an error message stating that this site cannot be reached. You have not changed the server's IP configuration since the successful test the night before. Which troubleshooting step should you try first to discover what the problem might be? Ping WEB3 using its IP address.
Ping WEB3 using its IP address.
The image shows the current scavenging settings for the eastsim.com domain. Automatic scavenging has been configured on the zone to run every hour. You want to modify the existing settings so that DNS records are deleted within 10 days after they have not been refreshed. What should you do?
Set the refresh interval to 3
Mary is in charge of DNS administration for her network. The private network consists of a single Active Directory domain called private.westsim.com. DNS data is stored in an Active Directoryintegrated zone. The sales department has just installed a web server called SalesWeb. This server will host an intranet site for use by the sales team. They want this server to be accessible using the URL sales.westsim.com. What should Mary do?
in the westsim.com domain, create a CNAME record called sales. Identify SalesWeb.private.westsim.com as the target.
You are the DNS manager for the southsim.com domain. You have a domain controller named DC1 running Windows Server 2008 that holds an Active Directory-integrated zone for the eastsim.com zone. Users have complained about multiple DNS name resolution errors. You have examined the configuration but can't see anything wrong. To help identify the problem, you would like to track the DNS packets sent and received by the server as well as filter by IP address. What should you do? On the DNS server enable bug logging
On the DNS server enable debug logging
You are the administrator for the corp.westsim.com domain. The network has two child domains, acct.corp.westsim.com and sales.corp.westsim.com. You need to configure DNS name resolution properties on the Srv2.sales.corp.westsim.com server. When an unqualified name is submitted for name resolution, you want the server to search using the following suffixes: • sales.corp.westsim.com • corp.westsim.com • westsim.com You want to configure the solution with the least amount of effort possible. What should you do?
On the DNS tab, select Append parent suffixes of the primary DNS suffix.
Your company has an Internet domain of westsim.com. Your internal network has three Active Directory domains named westsim.local, support.westsim.local, and research.westsim.local. You install a server named SL-SRV1 as a member of the westsim.local domain. You configure SLSRV1 with a static IP address of 192.168.0.23. You configure the server to dynamically register its DNS name. Clients in the support.westsim.local domain need to access the SL-SRV1 server. Some users in the support.westsim.local domain are accustomed to using the support.westsim.local suffix when accessing network resources. To accommodate these users, you want to dynamically register the name SL-SRV1.support.westsim.local in addition to the SL-SRV1.westsim.local name in DNS. What should you do?
On the SL-SRV1 server, edit the advanced TCP/IP properties of the server's local area connection. Add a connection-specific suffix of support.westsim.local. Apply the changes and then run ipconfig /registerdns.
Your company's internal namespace is westsim.local. This domain has two additional child domains named support.westsim.local and research.westsim.local. Due to security concerns, your company's internal network is not connected to the Internet. Following are the DNS servers that you manage for your company: • Dns1, authoritative for . and westsim.local, IP address = 192.168.1.1 • Dns2, authoritative for support.westsim.local, IP address = 192.168.2.1 • Dns3, authoritative for research.westsim.local, IP address = 192.168.3.1 All internal DNS domains are Active Directory-integrated domains. You have configured Dns1 with appropriate delegation records for the child zones. How should you configure root hints for Dns2 and Dns3?
In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, remove all default root hints entries and then add an entry for Dns1.
You manage the DNS servers that are authoritative for the private.westsim.com zone. Two servers are authoritative for the zone. DNS1 hosts the primary DNS zone, and DNS2 holds a secondary copy of the zone. You have just manually created an A resource record for a new web server on your network that is configured with a static IP address. From your workstation, you open a browser and try to connect to the new web server. You get an error message stating that the web site is not found. You run ipconfig /all and find that your workstation is correctly configured to use the DNS1 server as its preferred DNS server. But, as you continue to troubleshoot the problem, you discover that you incorrectly typed the server's IP address while creating its A resource record. You correct the IP address in the A record and retry connecting to the web site. However, you get the same error on your workstation. What should you do?
On your computer, run ipconfig /flushdns.
You manage the branch office for your company network. The branch office has a single Active Directory domain, branch1.westsim.private. All computers in the branch office are members of the domain. The branch office consists of two subnets and 50 host computers. Each subnet has its own DHCP server, while a single server on Subnet2 is both the domain controller and DNS server. Dynamic updates are enabled on the DNS zone. On Subnet1, you have a shared printer attached to Wrk5. Only computers on Subnet1 use this shared printer. How can you most easily make sure that all hosts on Subnet1 will continue to connect to the shared printer by name, even if the DNS server becomes unavailable?
View the settings in the Default Domain GPO to verify that theTurn off Multicast Name Resolution option is not enabled.