CIT 416

What type of DNS record is used by mail services to find the mail server for a domain?

MX record

The FQDN of a name server that has authority over a domain is noted in what type of DNS record?

NS

What DNSSEC record is returned when the requested resource record doesn't exist and is used to fulfill the authenticated denial of existence security feature of DNSSEC?

Next Secure (NSEC)

What option in the Zone Aging/Scavenging Properties dialog box will prevent DNS record time stamps from being updated too often?

No-refresh interval

What RFC defines the DNS resource record types?

RFC 1183

Which of the following specifies how often a secondary DNS server attempts to renew its zone information?

Refresh interval

Which DNS zone category contains PTR records that map IP addresses to names and is named after the IP network address of the computers whose records it contains?

Reverse lookup zone

When data within a zone changes, what information in the SOA record changes to reflect that the zone information should be replicated?

Serial number

Which of the following DNS record types specifies a hostname and port number for servers that supply specific services?

Service Location

An administrator working on a Windows Server 2016 Server Core installation needs to disable DHCP all interfaces on the server. What PowerShell command should be used?

Set-NetIPInterface

Which PowerShell cmdlet displays the records in the DNS server cache, including the name, record type, timestamp, TTL, and record data?

Show-DnsServerCache

Which feature is used to protect against DNS cache poisoning?

Socket pool

What specific record type is found in every zone and contains information that identifies the server primarily responsible for the zone as well as some operational properties for the zone?

Start of Authority Records

What type of zone contains only an SOA record, one or more NS records, and the necessary glue A records to resolve NS records?

Stub zone

What protocol in the TCP/IP suite provides reliable data transfer between applications at the transport-layer?

TCP

What does a NS record specify?

The FQDNs and IP addresses of authoritative servers for a zone

On a server hosting secondary zones, how can an administrator request records from the entire zone?

Use nslookup command in interactive mode. Change the server to the primary DNS server for the zone server servername command, use ls -d domain (subbing in the name of the zone you want to verify for "domain")

How does DNS resolve an NS record to an IP address?

Using a glue A record

How should an administrator test the functionality of DNS operation on a domain controller, as well as troubleshoot issues with DNS forwarders, delegation, dynamic updates, and record registration?

Using dcdiag /test:dns

How many bits make up an IPv4 address, versus an IPv6 address?

32;128

The 169.254.78.9 IP address is an example of what type of IP address?

Automatic Private IP Addressing (APIPA)

What type of DNS record is used to contain an alias for another record, allowing for the use of different names for the same host?

CNAME record

Which feature allows you to prevent DNS records from being overwritten until the TTL is expired by a specified percentage?

Cache locking

What type of DNS servers field DNS queries, send iterative queries to upstream DNS servers, or send requests to forwarders and then store the results?

Caching-only server

What option can be used by a system administrator to ensure that dynamic updates are made only by known clients when you have a standard primary zone?

Change the zone to an Active Directory-integrated zone

In a ping response packet, what does the TTL field indicate?

How many hops the packet can go through before the packet is expired and discarded

What type of DNS query causes a DNS server to respond with the best information it currently has in its local database?

Iterative query

Why are SRV records critical to the operation of an Active Directory domain?

Without the necessary SRV records, client computers couldn't find a domain controller or global catalog server to sign in or join a domain

What formatted unit of data has an error-checking code called the frame check sequence and is ready to be transferred to the network medium?

frame

A valid reverse lookup zone consists of the network ID's octets in reverse order, with what at the end of the name?

in-addr.arpa

What technique is used by computers to determine the network ID of an IP address?

logical and operation

What specific server configuration is connected to different IP networks using two or more NICs?

multihomed

What command can be used to send test queries to a target DNS server?

nslookup

What DNS policy specifies how DNS queries are handled by the DNS server?

query resolution policy

What command line utility can be used to display the default route, as well as all routing table entries?

route

What contains the destination and source port numbers used to identify Application-layer protocols, and is the Transport-layer data unit?

segment

Which of the following is a DNS record that is no longer valid either because the resource is offline for an extended period or permanently or because the resource's name or address has changed?

stale resource record

Which of the following allows the reallocation of bits from the network portion of an IP address to the host portion, combining subnets?

supernetting

What command displays the route packets take between two computers?

tracert

What type of IPv6 address specifies a single interface on a device?

unicast

Select the feature in Windows Server 2016 that has the ability to support resource records of a type unknown to the DNS server on Windows Server 2016.

unknown record support

What process is taking place when one DNS server transfers zone changes to another DNS server?

zone repetition

Which of the following is a subset of a zone where a zone can contain multiple zone scopes and each zone scope has its own set of resource records?

zone scope

DNS audit events track changes to a DNS server such as when zone or resource changes are made.

True

The MX record type is used to designate mail exchangers or mail servers for e-mail.

True

The entire DNS tree is called the DNS namespace

True

You can configure an internal DNS server as a root server by creating an FLZ with the "." name.

True

What port is used by DNS servers to issue queries?

UDP 53

Why might an organization want a single DNS server to make all external queries?

Great response time for authoritative nameservers

DNS clients maintain a text file called Hosts that can contain static DNS entries, within what Windows directory is this file stored?

%systemroot%\System32\drivers\etc

In CIDR notation, the subnet mask 255.255.255.0 is represented by what prefix?

/24

What command option for the dnscmd command lists all zones on the server?

/enumzones

What ipconfig command line option can be used to delete cached DNS information from memory?

/flushdns

When DNS forwarders or conditional forwarders are configured, what order will a Windows DNS server use to attempt to resolve DNS queries?

1. From locally stored zone resource records; 2. From the DNS cache; 3. From conditional forwarders (if condigured and the domain name matches); 4. From traditional forwarders (if configured); 5. Recursively by using root hints (only if no traditional forwarder is configured).

The decimal number 168 can be represented using what series of binary digits below?

10101000

The default setting for a secondary zone's refresh interval is how many minutes?

15 minutes

The binary number 11000000 represents what number below in decimal?

192

How many usable host addresses exist within a network with a CIDR prefix of /23?

510

On which UDP port do DHCP servers listen for DHCP client messages?

67

The default scavenging value is set to what value by default?

7 days

An IPv4 octet represents how many binary bits?

8

What DNS record type is used for an IPv6 host record?

AAAA

Which PowerShell cmdlet below creates a stub zone?

Add-DNSServerStubZone

What PowerShell cmdlet can be used to create a new Active Directory integrated primary zone?

Add-DnsServerPrimaryZone

What protocol resolves a computer's IPv4 address to its physical, or Media Access Control (MAC) address?

Address Resolution Protocol (ARP)

How does the GlobalNames zone (GNZ) feature work?

Allows administrators to add single-label names to DNS. This gives client computers the ability to resolve the names without including a DNS suffix in the query. It can also make mobile users' access to necessary servers more convenient.

What is a conditional forwarder?

Allows queries for particular domains to particular name servers and all other unresolved queries to a different server

The IP address 129.53.82.20 falls under what IP address class?

Class B

What specific parameter will allow you to base a recursion policy on the subnet address of the clients?

ClientSubnet

What feature in Windows Server 2016 is used to provide information about the certification authority (CA) used by your domain when a client is requesting DNS information for your domain?

DANE

What specific protocol provides automatic IP address configuration and operates at the Application layer?

DHCP

What specific type of DNS attack uses public DNS servers to overwhelm a target with DNS responses by sending DNS queries with spoofed IP addresses ?

DNS aplification attack

How can a master server be configured to make a secondary server request zone transfers immediately after a zone change?

DNS notify

What specific term is best used to describe a computer making a DNS query?

DNS resolver

What do DNS resolvers use to verify the digital signature in Resource Record Signature records?

DNSKEY

Which of the following is a suite of features and protocols for validating DNS server responses?

DNSSEC

A Resource Record Signature (RRSIG) key contains the signature for a single resource record, such as an A or an MX record.

True

A zone that is not integrated into Active Directory is referred to as a standard zone, and the zone data is stored in a text file.

True

Which of the following options can an administrator enable to improve DNS security?

Do not allow dynamic updates

Which type of resource record addition allows computers to register or update their own DNS records, or DHCP can update DNS on behalf of the clients when the clients lease a new IP address?

Dynamic DNS

A major advantage of using Active Directory-integrated zones is the ability to limit manual updates to only verified domain members.

False

An iterative query instructs the DNS server to process the query until it responds with an address that satisfies the query or with an "I don't know" message.

False

Resource records are a grouping of DNS information that belongs to a contiguous portion of the DNS namespace.

False

The use of WINS forward lookup is enabled by default.

False

When serious DNS debugging is warranted, you can enable debug logging in the server's Advanced dialog box.

False

What type of DNS server is a DNS server to which other DNS servers send requests they can't resolve themselves?

Forwarder server

Which PowerShell cmdlet allows you to see the default values and the status of Response Rate Limiting (RRL)?

Get-DNSServerRRL

How can an administrator retrieve the IP address settings of a computer using PowerShell?

Get-NetIPConfiguration

Who is responsible for the management of the Internet root servers?

Internet Assigned Numbers Authority (IANA)

An authoritative server for a domain holds a partial copy of a zone's resource records.

True

What DNS record type is used to resolve a known IP address to a hostname?

Pointer Record

Which DNS zone type contains a read/write master copy of all resource records for the zone?

Primary zone

In a zone's Properties dialog box, what option is unavailable under Dynamic updates for only standard zones?

The Secure only option

The responsible person section of an SOA record contains what information?

The email address of the responsible person

What option is available on a Host A record to tell the system how long the record should remain in the database after it was created or last updated?

Time to live

Why might an administrator want to disable the recursive query functionality when they have a public DNS server containing resource records for their publicly available servers?

To improve performance

When a dynamic DNS record is created, what is the TTL value used for?

To specify how long the record should remain in the DNS database

The .com, .net, and .edu are all examples of what level of the DNS naming hierarchy?

Top-level domain names

What DNSSEC record is returned when the requested resource record doesn't exist and is used to fulfill the authenticated denial of existence security feature of DNSSEC?

_msdcs

Which Windows command line utility below can be used to check for resource records on a server, verify delegations, verify resource records needed for AD replication, and perform e-mail connectivity tests?

dnslint