CNA 221 | Ch. 2, Configuring DNS Servers
DNS client
A computer making a DNS query
Domain Name System (DNS)
A distributed hierarchical database composed mainly of computer name and IP address pairs.
Allow both nonsecure and secure dynamic updates.
With this update feature, both authenticated Active Directory clients and non-Active Directory clients can create and update DNS records.
Conditional forwarder
A DNS server to which other DNS servers send requests targeted for a specific domain.
Forwarder
A DNS server to which other DNS servers send requests they can't resolve themselves.
Caching-only DNS server
A DNS server with the sole purpose of fielding DNS queries, completing recursive lookups to root servers, sending requests to forwarders, and caching the results.
Forward lookup zone (FLZ)
A DNS zone containing records that translate names to IP addresses.
Reverse lookup zone (RLZ)
A DNS zone that contains PTR records that map IP addresses to names and is named after the IP network address of the computers whose records it contains.
Stub zone
A DNS zone that contains a read-only copy of only the SOA and NS records for a zone and the necessary A records to resolve NS records.
Secondary zone
A DNS zone that contains a read-only copy of zone resource records. Although changes can not be made here, because it contains an exact copy of the primary zone, it's considered authoritative for the zone.
Primary zone
A DNS zone that contains a read/write master copy of all resource records for the zone.
stale
A _____ record hasn't been updated in a period longer than its time to live value.
zone transfer
A ___________ copies all or part of a zone from one DNS server to another and occurs as a result of a secondary server requesting the transfer from another server.
dnslint
A command-line program used to check for resource records on a server, verify delegations, verify resource records needed for Active Directory replication, and perform email connectivity tests.
dnscmd.exe
A command-line tool that enabled administrators to perform basic to advanced configuration and monitoring.
hosts
DNS clients maintain a text file called _____ that can contain static DNS entries.
Performance Monitor
Tool that allows you to monitor more than 60 performance counters related to DNS.
Event viewer
Tool used to view the DNS server event log.
Protocol analyzer
Tool which provides information similar to debug logging but with more flexibility.
DNS audit events
Tracks changes to a DNS server, such as when zone or resource changes are made.
True
True or False? A DNS server will not query additional DNS servers in an attempt to resolve an iterative query.
False
True or False? A master server can not be configured to send a DNS notify message to secondary servers when zone information is changed.
False. A single server can be authoritative for multiple domains.
True or False? A single server can be authoritative for only a single domain.
True
True or False? Although dnscmd is still available in Windows Server 2016, Microsoft recommends transitioning to PowerShell.
False
True or False? DNS audit events is disabled by default, but it's highly recommended that it be enabled.
True
True or False? Every domain has one or more servers that are authoritative for the domain, meaning that the servers contain a master copy of all DNS records for that domain.
True
True or False? Updates to resource records can be made only on a server configured as a primary zone server.
True
True or False? You can't change the number of times a particular host record is used in a round robin.
ipconfig
Used to check DNS client configuration and the DNS suffix search list; also used to cause a client to register its DNS name and display and delete locally cached DNS records.
nslookup
Used to test DNS queries with the default DNS server or a specific DNS server.
Do not allow dynamic updates
Using this update system, all DNS records must be entered manually.
Install-WindowsFeature DNS -IncludeManagementTools
What PowerShell command would you use to manually install DNS with its relevant management tools?
Primary, secondary and stub
What are the three zone types that a zone can be changed to under the type option?
1 hour
What is the default TTL time for DNS records?
#
What symbol in the hosts file if placed before a line of text, indicates that the line will be ignored by the DNS client?
-a
What trigger would you add to a ping command to do a reverse lookup?
Master DNS server Slave DNS servers
When you're working with standard zones, a server that holds the primary zone is called the _____________, and servers that hold secondary zones are called ______________.
%systemroot%\System32\DNS
Where is the default location of the cache.dns file which contains root hints data?
%systemroot%\system32\drivers\etc
Where is the hosts file stored by default on a Windows device?
Set-Dnsserverglobalnamezone -enable $true
Windows PowerShell command to enable GNZ.
/all
ipconfig trigger that displays IP addresses of the configured DNS server as well as the DNS suffix.
Root server
A DNS server that keeps a database of addresses of other DNS servers managing top-level domain names.
Top-level domain servers (TLD)
A DNS server that maintains addresses of other DNS servers that are authoritative for second-level domains.
Dynamic DNS (DDNS)
A DNS name-registering process whereby computers in the domain can register or update their own DNS records.
Referral query
A DNS response to an iterative query in which the address of another name server is returned. Can also be a prioritized list of servers used to access files in a namespace.
AXFR
A full zone transfer is often referred to as an ____ because that's the query code used when the slave DNS server requests the transfer.
Zone
A grouping of DNS information that belongs to a contiguous portion of the DNS namespace, usually a domain and possibly one or more subdomains.
Windows Internet Name Service (WINS)
A legacy name system referred to as single-label names, that is used to resolve NetBIOS names.
Root hints
A list of name servers pre-configured on Windows DNS servers that point to Internet root servers, which are DNS servers located on the Internet and managed by IANA.
Static
A method in which an administrator enters DNS record information in manually. A reasonable method for small networks of only a few resources access by name.
Round robin
A method of responding to DNS queries when more than one IP address exists for the queries host. Each IP address is placed first in the list of returned addresses an equal number of times so that hosts are accessed alternately.
Recursive query
A query in which the DNS server processes the query until it responds with an address that satisfies the query or with an "I don't know" message.
Canonical Name (CNAME)
A record containing an alias for another record that enables you to refer to the same resource with different names, yet maintain only one host record.
Service Location (SRV)
A record type that allows DNS clients to request the address of a server that provides a specific service, instead of querying the server by name.
Pointer (PTR)
A record type used for reverse DNS lookups. Can be created automatically on Windows DNS servers.
Iterative query
A type of DNS query to which a DNS server responds with the best information it has to satisfy the query.
Conditional forwarding
A type of forwarding that enables administrators to forward queries for particular domains to particular name servers and all other unresolved queries to a different server.
Resource record
A zone record type that contains information about network resources, such as hostnames, other DNS servers, and domain controllers.
Glue A record
An A record used to resolve the name in an NS record to its IP address.
Hostname
An assigned name that is associated with an IP address.
DNS analytic events
An event that is created every time DNS sends and receives information.
IXFR
Code used by incremental zone transfers.
Authoritative server
DNS server that holds a complete copy of a zone's resource records.
GlobalNames zone (GNZ)
Feature that provides a method for IT administrators to add single-label names to DNS, thereby allowing client computers to resolve these names without including a DNS suffix in the query.
Primary DNS server
If a primary zone is a standard zone, there can be only one server that hosts the primary zone, referred to as the _____________.
/flushdns
Ipconfig trigger that deletes the local DNS cache.
/displaydns
Ipconfig trigger that displays the local DNS cache, which also has the contents of the hosts file.
State of Authority (SOA)
Less a resource than an informational record, this record type identifies the name server that's authoritative for the domain and includes a variety of timers, dynamic update configuration, and zone transfer information.
IPv6 Host (AAAA)
Like an A record but uses an IPv6 address instead.
DNS resolver
More commonly referred to as a "DNS lookup" tool, this server resolves an individual host name to an IP address.
Add-DnsServerResourceRecord
PowerShell cmdlet that adds a resource record of a specified type to a specified DNS zone.
Add-DnsServerPrimaryZone
PowerShell cmdlet that can be used to create a new Active Directory integrated primary zone.
Mail Exchanger (MX)
Record type that contains the address of an email server for the domain.
Name Server (NS)
Records used by the DNS server to refer queries to another server that's authoritative for the requested domain.
Refresh interval
Setting that specifies how often a secondary DNS server attempts to review its zone information.
Time to Live (TTL)
Tells the system how long the record should remain in the database after it was created or last updated.
dcdiag /test:dns
Tests DNS operation on domain controllers and solves problems with DNS forwarders, delegation, dynamic updates, and record registration.
Retry interval
The amount of time a secondary server waits before retrying a zone transfer that has failed.
Expires after
The amount of time before a secondary server considers its zone data obsolete if it can't contact the primary DNS server.
DNS namespace
The entire DNS tree that defines the structure of the names used to identify resources in network domains. Consists of a root name, top-level domains, second-level domains, and optionally one or more subdomains.
Fully qualified domain name (FQDN)
The full domain name for a host that specifically identifies it within the hierarchy of the Domain Name System.
DNS Manager
The main DNS configuration tool used to perform most DNS configuration tasks, monitor zone data and the DNS cache's contents, and configure event logging and debug logging.
A
The most common resource record, consists of a computer name and an IPv4 address
Full zone transfer
The only transfer method in DNS versions prior to Windows Server 2003.
Traditional forwarding
This type of forwarding means "if you can't resolve the query, forward it to this address".
Allow only secure dynamic updates
This update feature is available only for Active Directory-integrated zones, this option ensures that the host initiating the record creation or updates has been authenticated by Active Directory.