741 Midterm
For an IPAM server to be deployed in Windows Server 2016, it must meet the following hardware requirements
A dual‐core processor of at least 2.0GHz • 4GB or more of RAM • 80GB of free hard disk space
ISATAP
An automatic tunneling protocol used by the Windows workstation operating systems, which allows you to use IPv6 applications on an IPv4 network by emulating an IPv6 link using an IPv4 network
After DHCP Discover
DHCP Offer
The DNS client is also known as
DNS resolver
IP address range
IP address ranges are the next hierarchical level of an IP address space, beneath the address block
Configuration is based on Router Advertisement messages, which include the stateless address prefixes. When you are using stateless autoconfiguration, you are using native IPv6 connectivity
STATELESS
SOA records Serial Number
Shows the version or how many times the zone has been updated
Split scopes
Uses two DHCP servers to assign IP addresses. Eighty percent of the available addresses are assigned on the primary server, and 20% of the available addresses are assigned to a secondary server
Minimum TTL
Specifies a default Time to Live (TTL) value, which defines the default time a resource record remains in a DNS cache
Start of Authority (SOA) record
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and the expiration and reload timers of the zone
benefits of IPV6
more efficient than IPv4
when you execute ipconfig /all
displays the full TCP/IP configuration for all adapters including host name, dns servers, and the physical address (or MAC address)
IPAM server
must be a domain member but cannot be a domain controller
Entering IP_Address in nslookup performs
a reverse lookup of IP address to hostname
DHCP client reservations
allow administrators to reserve an IP address for permanent use by a DHCP client. By using reservations, you can ensure that the host will always have the same IP address
The Group Policy‐based provisioning method creates the Group Policy Objects (GPOs) that
allow the required access settings on all the IPAM managed servers. The GPOs created are: • IPAM1_DHCP for DHCP servers • IPAM1_DNS for DNS servers • IPAM1_DC_NPS for domain controllers and NPS server
the dnscmd.exe command
allows an administrator to display and change properties of the DNS servers, zones, and resource records
IPAM server never communicates with
another IPAM server
dhcp.mdb file
automatically backs up synchronously every 60 minutes by default. To change the interval of automatic backups, you can modify the following registry REG_DWORD:
IP address blocks
highest‐level conceptual entities in an IP address space
Dynamic Host Configuration Protocol (DHCP) server
configured to provide the default gateway, primary, and secondary DNS information; WINS server; and DNS domain name
DHCP policy
consists of conditions and settings. A condition allows you to identify and group clients based on whether a specified criteria is equal or not equal to a specified value. The criteria include: • MAC address • Vendor class • User class • Client identifier • Relay Agent information, such as remote ID, circuit ID, and subscriber ID
IPAM Server console provides
dedicated Monitor and Manage section. Within this section, there are four categories: • DNS and DHCP Servers • DHCP Scopes • DNS Zones • Server Groups
FE80:0000:0000:0000
defines the network bits
the DNS socket pool
is a tool used to allow source port randomization for DNS queries, which reduces the chances of an attacker guessing which IP address and port (socket) the DNS traffic uses
The RRSIG record
is returned to the client in response to a successful query along with the A record
Compacting the DHCP database requires the use of
jetpack.exe, which is installed when the WINS Server feature is installed on the DHCP server
Entering hostname in nslookup
provides a forward lookup of the host name to IP address. If you type nslookup without any parameters, you start nslookup.exe in interactive mode.
Anycast
provides one‐to‐one‐of‐many transmission service to groups of interfaces, only the nearest of which (measured by the number of intermediate routers) receives the transmission. You typically use this for locating services or the nearest router.
Canonical Name (CNAME)
resource record is an alias for a host name. It is used to hide the implementation details of your network from the clients that connect to it, particularly if you need to make changes in the future
By using an external database
scalability, disaster recovery, and reporting
On the Lease Duration page
specify the length of the leases for the addresses in the scope. The default lease duration is set to 8 days
DHCP failover
supports two modes: Load Sharing and Hot Standby
To be able to manage the Windows Server 2008 DHCP and DNS roles using IPAM on Windows Server 2016,
the following requirements should be installed on the Windows Server 2008 or Windows Server 2008 R2 systems: Service Pack 2 on Windows Server 2008
DHCP failover is
time sensitive. The time between partners must be no greater than one minute.
Dynamic Host Configuration Identifier (DHCID)
track which machines originally requested which names.
What must be installed on DHCP Servers?
you must install the service and configure scopes on every computer that will function as a DHCP server. SCOPE MUST BE AUTHORIZED
Before you can create resource records
you need to first create the appropriate forward lookup zones and reverse lookup zones
Class D addresses
224.0.0.0 to 239.255.255.255
Only to servers listed on the Name Servers tab:
Restricts zone transfers to secondary DNS servers as defined with NS resource records
The IPAM client console options for importing IP address data from a comma‐separated value (CSV) file include the following
• Import IP Address Block • Import IP Address Ranges • Import IP Addresses • Import and Update IP Address Ranges
*automatically configures the ip configuration of a device
*correct answer is D
*nslookup without parameters
*point of record does not exist
STEP 2 Offer:
Any DHCP servers that receive the request review their pool of IP addresses (DHCP scope) and select one to offer to the client.
DHCP DATABASE
The database uses the Microsoft Jet Database Engine, which is stored in the %systemroot%\System32\Dhcp folder
IPAM supports
Windows Internal Database or Microsoft SQL Server
Invoke‐IpamGpoProvisioning
can be used to create IPAM provisioning GPOs
DHCP uses the same two ports for BOOTP
destination UDP port 67 for sending data to the server and UDP port 68 for sending data to the client. DHCP uses TCP port 647 to listen for failover traffic. The DHCP installation automatically creates the following inbound and outbound firewall rules
The process for securing a zone using DNSSEC is called
signing the zone. Once signed, any queries on the signed zone return THE BOTTOM LINE Windows Server 2016 includes a number of DNS security feature