741 TEST 1 (Chapters 1-3)
Example of a top-level domain
.net
Which of the following is the default CIDR notation for a Class C subnet?
/24
How many primary zones can a zone have?
1
provides one‐to‐one‐of‐many transmission service to groups of interfaces, only the nearest of which (measured by the number of intermediate routers) receives the transmission. You typically use this for locating services or the nearest router
Anycast
How does classless interdomain routing (CIDR) help reduce waste of IP addresses?
CIDR uses a subnetting method that divides between network bits and host bits anywhere, not just between octets
DNS cache locking uses a percentage of the TTL to set the lock. The optimum setting is
100
IPv6 uses ___ bits, the addresses are usually divided into groups of 16 bits, written as 4 hex digits
128
____ takes over and automatically assigns an address on the 169.254.0.0/16 network to the computer.
APIPA
Which of the following forwards queries to other DNS servers based on the DNS domain name in the query?
Conditional forwarding
expands on the idea of forwarding, where you forward those queries to other DNS servers based on the DNS domain names in the query.
Conditional forwarding
Which of the following uses a digital certificate to ensure that a user is not being directed to a fake website because the DNS cache was corrupted?
DANE
_____ can be enabled on an Active Directory-integrated (ADI) zone or on a primary zone.
DNNSEC
Before the client communicates with the web server, the client computer needs to use ___ to retrieve the IP address of the web server, similar to how someone uses a phone book to find a phone number.
DNS
a protocol that uses X.509 digital certificates to be bound to the DNS name using DNSSEC.
DNS‐based Authentication of Named Entities (DANE)
Public addresses that are globally routable and reachable on the IPv6 portion of the Internet. They are equivalent to a registered IPv4 address and unique on the Internet.
Global unicast addresses:
Which of the following statements are true?
IPv4 uses 32‐bit addressing
Which IPv6 transition technology starts with the FE80:/64 prefix and includes the IPv4 address in hexadecimal form at the end of the IPv6 address?
ISATAP
Here is an example of an address:
FE80:0000:0000:0000:02C3:B2DF:FEA5:E4F1 (the first 64 bits define the network address\ FE80:0000:0000:0000 defines the network bits)
Which of the following is used to automatically create and update the host's primary DNS server?
Dynamic Updates
Which zone is used to translate host names to IP addresses?
Forward lookup zone
Which types of keys are used in DNSSEC?
KSK and ZSK
Which Windows Server 2016 DNS feature prioritizes DNS responses based on the subnet of the requested client?
Netmask Ordering
allows the DNS server to return the record that is most local to the client requesting the IP address.
Netmask ordering feature
The ___ records are in the reverse lookup zone and all of the other record types are in the forward lookup zone
PTR
an automatic tunneling protocol used by the Windows workstation operating systems, which allows you to use IPv6 applications on an IPv4 network by emulating an IPv6 link using an IPv4 network. The ISATAP address consists of a valid 64‐bit unicast address prefix. such as a link‐local address prefix (FE80::/64), The last 64 bits are ISATAP addresses.
Intra‐Site Automatic Tunnel Addressing Protocol (ISATAP)
If a DNS server does not know the answer to a name query, how can the DNS server be forced to go to the ISP DNS server?
Use a forwarder
Minimum TTL:
Specifies a default Time to Live (TTL) value, which defines the default time. A resource record remains in a DNS cache
Which zone contains only the necessary resource records that act as an authoritative name server?
Stub zone
______ allow you to break up larger domains into smaller, more manageable domains.
Subdomains
Which IPv6 transition technology is based on an automatic tunneling technology that functions behind one or multiple IPv4 NATs?
Teredo
an IPv4 Network Address Translation‐Traversal (NAT‐T) for IPv6, is an address assignment and automatic tunneling technology that provides unicast IPv6 connectivity across the IPv4 Internet. One advantage of _____ is that it will function even when the IPv6/ IPv4 hosts are located behind one or multiple IPv4 NATs.
Teredo
DANE is used to prevent _____ attacks where a user may be directed to a fake website.
man‐in‐the‐middle
The trust anchor verifies that a _______ and associated data are valid.
digital signature
By using Active Directory-integrated zones, DNS follows a _____ model
multimaster
The preferred method to set the socket pool size is through the use of the dnscmd command‐line tool:
dnscmd /Config /SocketPoolSize <value>
To add an Active Directory-integrated primary zone called support.contoso.com on server1.contoso.com, execute the following command:
dnscmd /zoneadd
Which command is used to create a zone to a DNS on a DNS server?
dnscmd /zoneadd
The DNS servers are often referred to as ___ servers.
name
DNS supports _____, where resource records for the clients are automatically created and updated at the host's primary DNS server.
dynamic updates
Entering hostname in nslookup provides a forward lookup of the host name to IP address. Entering IP_Address in ____ performs a reverse lookup of IP address to host name
nslookup
______ are the complete or partial transfer of DNS data from a zone on a DNS server to another DNS server.
Zone Transfers
Which of the following sends DNS information from a zone on a DNS server to another DNS server?
Zone transfer
A f______ contains most of the resource records for a domain. Of course, as the name indicates, a forward lookup zone is used primarily to resolve host names to IP addresses.
forward lookup zone
By using a _____, you control name resolution queries and traffic, which can improve the efficiency of name resolution for the computers in your network.
forwarder
DNS uses ____ (FQDNs) to map a host name to an IP address (NOT fully Quantified)
fully qualified domain names
A ____ is a specific computer or other network device in a domain
host
DNS uses fully qualified domain names (FQDNs) to map a host name to an IP address. An FQDN describes the exact relationship between a host and its DNS domain. For example, ______ represents an FQDN.
computer1.sales.microsoft.com
Before you can ____ resource records, you need to first create the appropriate forward lookup zones and reverse lookup zones.
create
If you type nslookup without any parameters, you start nslookup.exe in _____ mode.
interactive
When you execute ____, it displays the full TCP/IP configuration for all adapters including host name, DNS servers, and the physical address (or MAC address).
ipconfig /all
DNSSEC uses a series of ____ to secure the server and the zones. These include the Key Signing Key (KSK) and the Zone Signing Key (ZSK).
keys
The DNS client is known as the DNS resolver. Before a DNS client queries a DNS server, it first checks its own ____ name.
local
DNS is a hierarchical distributed naming system used to locate computers and services on a TCP/IP network. Each node or leaf in the tree is a _____ (RR).
resource record
A _____is used to resolve IP addresses to host names.
reverse lookup zone
When the zone is created, the zone will be defined in _____. For example, if you create the 192.168.1 zone, it is stored as 1.168.192
reverse notation
By default, Windows DNS contains a root hint, which contain the names and IP addresses of the DNS servers authoritative for the ____ zone.
root
A ______ is a copy of a zone that contains only necessary resource records and acts as a pointer to the authoritative name server.
stub zone
The digital signatures are verified using the public key of the server or zone from the
trust anchor
When a client asks a DNS for a name resolution, which type of query is it?
Iterative Query
Which of the following is an example of a valid IPv4 address?
192.168.42.1
Which of the following is an example of a valid IPv6 address?
21cd:0053:0000:0000:e8bb:04f2:003c:c394
When you create a reverse lookup zone, how is the zone stored for the 172.25.0.0 subnet (subnet mask of 255.255.0.0)?
25.172
An IPv4 address is a ___‐bit‐long number assigned to a host on the network.
32
A DNS resolver is a service that uses the DNS protocol to query for information about DNS servers using UDP and TCP port ___.
53
How many bits does a standard IPv6 unicast address use to represent the network ID?
64
CIDR differs from traditional addressing (now called classful addressing) by allowing the division between the network identifier and the host identifier to fall anywhere in an IPv4 address; it does not have to fall on one of the __‐bit boundaries
8
If a block is set to 0 and is followed by another block set to 0, it can be written as
::
Because of its smaller hardware footprint and higher security, if you need to place the DNS server on the DMZ, the _____ Server is an excellent choice.
Nano
The _____ record is returned to the client in response to a successful query along with the A record.
RRSIG
When a DNS server does not know the answer and it must use the DNS servers on the Internet to resolve a name query, which of the following is used to determine the next DNS server to contact?
Root hints
Pointer Records
Resolves IP address to host names for DNS clients
Each node or leaf in the DNS tree is referred to as which of the following?
Resource record
DNS servers starting in Windows Server 2016 provide an option to enable ______(RRL). If a lot of queries originate from a single source, it causes the DNS server to not respond.
Response Rate Limiting
Which of the following can be used to limit how many DNS queries a DNS server responds to so that it will reduce the effect of a denial of service attack?
Response Rate Limiting
Which zone is used to translate IP addresses to host names?
Reverse lookup zone
_____ unicast addresses are the IPv6 equivalent of private network addresses in IPv4.
Unique local
The DNS ____ pool is a tool used to allow source port randomization for DNS queries.
socket
IPv6 provides a number of benefits for TCP/IP‐based networking connectivity, including:
• A 128‐bit address space to provide addressing for every device on the Internet with a globally unique address • More efficient routing than IPv4 • Support for automatic configuration • Enhanced security to protect against address and port scanning attacks and utilization of IPsec to protect IPv6 traffic
The dnscmd.exe command can perform the following:
• Create, delete, and view zones and records. Stop and start the DNS service.
The most common resource records are:
• Host (A and AAAA) record: Maps a domain/host name to an IP address • Canonical Name (CNAME) record: Sometimes referred to as an Alias, maps an alias DNS domain name to another primary or canonical name
Which of the following is (are) the class(es) of IPv4 addresses used to provide support for networks?
Classes A,B, and C
In an environment where there are several DNS suffixes such as contoso.com, adatum.com, and fabrikam.net, it is necessary to manually create a ______ zone within DNS to allow a single‐label name to be resolved.
GlobalNames
Which of the following is an advantage of DNS running on a Nano Server versus DNS running on a Windows Server with Desktop Experience?
More secure
When you create a new zone, two types of records are automatically created:
Start of Authority (SOA) record: Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and the expiration and reload timers of the zone Name Server (NS) record: Specifies an authoritative name server for the host
IPv6 is usually configured automatically via autoconfiguration. For IPv6, there are three types of autoconfiguration:
Stateful autoconfiguration, Stateless autoconfiguration, Both autoconfiguration
Which of the following is the stateless address autoconfiguration process, during a Windows computer start?
The computer assigns itself a link‐local unicast address.
The process for securing a zone using DNSSEC is called
signing the zone.