ITNW - Chapter 01 (1/2)

Ace your homework & exams now with Quizwiz!

You administer a branch office connected to the main headquarters with a WAN link. Servers in the branch office provide DNS and DHCP services. The company network has multiple domains. A single domain represents the branch office. A DNS server named DCI at the branch office is authoritative for the branch office's primary zone and contains no other DNS zones. DNS servers at headquarters provide name resolution for hosts in other domains. One day, you come to work to find a number of customer service complaints. They all report something similar -- clients can resolve local host names, but cannot resolve host names for other domains on the network. You contact the enterprise administrator. She tells you the IP address for the DNS server that previously used as a forwarder for the branch office has been changed to 10.155.11.15. What should you do to fix the problem?

Configure DC1 to forward name resolution requests to 10.155.11.15.

Your organization uses one primary DNS zone that is backed up by seven secondary DNS zones on other servers. Your organization has changed ISPs. As a result, significant IP addressing changes are taking place within your infrastructure. To maintain availability, all of your secondary DNS servers need to be updated immediately whenever a change is made to the primary DNS server. What should you do?

Configure DNS Notify options in the properties of the primary zone.

You are the systems administrator for WestSim Corporation. You have been assigned to set up a new branch office in Tulsa. The branch will be represented by a single domain. You install a single DNS server called TulsaDNS and configure a primary zone for the branch office domain. You test name resolution and find that hosts can only resolve names for hosts within the domain. You need to enable clients in the Tulsa location to resolve names for hosts in other domains within your private network. You would like to minimize traffic across the WAN link between the sites. What should you do?

Configure TulsaDNS to use forwarders.

You need to enable hosts on your network to find the IP address of logical names such as srv1.myserver.com. Which device would you use to accomplish this task?

DNS server

You are the network manager for the westsim.private domain. You are in the process of transitioning from IPv4 to IPv6 on your internal network. You want to configure DNS to provide hostname-to-IPv6 address and IPv6 address-to-hostname resolution for a specific IPv6-only host. Which record types would you create?

- AAAA - PTR

Listed below are several DNS record types. Match the record type on the left with its function on the right.

- Identify a domain controller: SRV - Identify a mail server: MX - Map a host name to an IPv4 address: A - Map an IPv4 address to a host name: PTR - SRV, MX, A, PTR

Listed below are several DNS record types. Match all record type on the left with its function on the right. (Record types may be used once or not at all.)

- Identify a domain controller: SRV - Identify a mail server: MX - Map a host name to an IPv4 address: A - Map an IPv4 address to a host name: PTR - SRV, MX, A, PTR

Your network has a single Active Directory domain named westsim.local. All westsim.local authoritative DNS servers are configured to forward DNS requests across a firewall to a public DNS server. All client computers are members of the westsim.local Active Directory domain and are configured to use westsim.local authoritative DNS servers. A new site in Seattle has just opened. The Seattle site is connected to company headquarters using a virtual private networking (VPN) connection. Company policy states that all client computers in all sites must receive internet access through a high-speed internet connection at company headquarters. You want to supply DNS service at the Seattle site, minimize unnecessary DNS traffic across the VPN connection, and configure DNS appropriately to meet company policy. What should you do? (Choose two. Each choice is part of the correct solution.)

- Install a DNS server in the Seattle site with no primary zones. - Configure the new DNS server to forward all DNS requests to westsim.local authoritative DNS servers at company headquarters.

Your network has a single Active Directory domain named westsim.local. All westsim.local authoritative DNS servers are configured to forward DNS requests across a firewall to a public DNS server. All client computers are members of the westsim.local Active Directory domain and are configured to use westsim.local authoritative DNS servers. Your company has opened one new site in South America. The South America site has its own internet connection and uses a dedicated wide area network (WAN) link to company headquarters in North America for intranet traffic. The WAN link between company headquarters in North America and the South America site is expensive and somewhat unreliable. DNS traffic across this WAN link must be minimized. You need to make appropriate DNS configurations to meet this requirement. What should you do? (Choose two. Each choice is part of the correct solution.)

- Install a DNS server with no zones in the South America site. Configure the server to conditionally forward westsim.local DNS requests to westsim.local authoritative DNS servers and to forward all other DNS requests to the local internet service provider's DNS server. - Configure all client computers in the South America site to use the new DNS server in the South America site.

You are a network administrator. You have determined that you need to install and configure a local DNS server. You have decided that installing DNS on Nano Server is best for the following reasons. (Select three.)

- Nano Server requires fewer patches and reboots. - Nano Server requires less disk space. - Nano Server can be deployed as a Hyper-V VM.

Your Active Directory network uses the internal DNS namespace private.westsim.com. Several other Active Directory domains also exist, which are children to the private.westsim.com domain. On the internet, your company uses westsim.com for its public domain name. Your company manages its own DNS servers that are authoritative for the westsim.com zone. The private.westsim.com zone has been delegated to your company's Active Directory domain controllers, which are also DNS servers. Computers that are members of the private.westsim.com domain and all child domains must be able to resolve DNS names of internet resources. However, to help secure your network, DNS queries for resources in the private.westsim.com domain and all child domains must never be sent to internet DNS servers. Queries for internet names must go first to your public DNS server that is authoritative for the westsim.com domain. You need to configure your company's DNS servers to meet these requirements. What should you do? (Select two. Each correct choice is part of the solution.)

- On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a forwarders list. Forward to DNS servers that are authoritative for the parent zone, westsim.com. - Delete root hints to internet DNS servers on all DNS servers that are authoritative for the private.westsim.com zone or any child zone.

Listed below are several DNS record types. Match the record type on the left with its function on the right.

- Points a hostname to an IPv4 address: A - Provides alternate names to hosts that already have a host record: CNAME - Points an IP address to a hostname: PTR - Points a hostname to an IPv6 address: AAAA - Identifies servers that can be used to deliver mail: MX - A, CNAME, PTR, AAAA, MX

Match each zone type on the left with the corresponding characteristics on the right. Each zone type may be used once, more than once, or not at all.

Active Directory-integrated, Primary, Secondary, Secondary, Active Directory-integrated

You manage a network with Windows clients, multiple subnets, and Windows DNS servers. You want to be able to resolve a host name for a server on your network to its IPv4 address. What should you do?

Add an A record on the DNS server.

You manage the intranet servers for EastSim Corporation. The company network has three domains: eastsim.com, asiapac.eastsim.com, and emea.eastsim.com. The main company website runs on the web1.eastsim.com server with a public IP address of 101.12.155.99. A host record for the server already exists in the eastsim.com zone. You want internet users to be able to access the URL http://www.eastsim.com to reach the website. What type of DNS record should you create?

CNAME

You manage a single private domain called westsim.private. All DNS servers run Windows Server 2016. Client computers run Windows 10 and are members of the westsim.private domain. Client computers have NetBT disabled and use only DNS for name resolution. You have a group of computers that use only NetBIOS names and do not use DNS. Your network does not have a WINS server. You need to enable all client computers to resolve host names for the NetBIOS computers. What should you do?

Configure a GlobalNames zone. Create records in the zone for all NetBIOS computers.

You manage the DNS servers for the eastsim.com domain. Your company has just acquired a competitor. The competitor network uses a single domain named widgets.local domain. You want to minimize zone transfer traffic, but you also want to make sure that changes to name servers in the Denver location to not disrupt name resolution. You need to configure your DNS servers in the eastsim.com domain. What should you do?

Configure a stub zone to widgets.local.

You are a network engineer working for WestSim Corporation. The company has an internet domain named westsim.com. The private network uses the namespace of private.westsim.com. Your company manages its own Domain Name System (DNS) servers that are authoritative for both the company's namespaces. Your network consists of several subnets at multiple locations. Sites are connected with WAN links. www.private.westsim.com is an intranet web server that is commonly used throughout the company. You want to ensure that users can always access this server by name, even if an authoritative DNS server is not available. What should you do?

Configure each client computer's hosts file with an entry for vmw.private.westsim.com.

You manage the network for the westsim.com domain. The network uses both DNS and WINS for name resolution. Client computers are configured to try DNS for name resolution first, and then try WINS if that fails. You would like to transition your network to use IPv6. You want to make sure that clients can contact hosts using single-label names that resolve to the IPv6 address for that host. You want to do this with the least amount of effort possible. What should you do?

Configure the GlobalNames zone in DNS. Create CNAME records for each host pointing to the corresponding AAAA record.

You are the administrator of the corp.westsim.com domain. All servers in the domain run Windows Server 2016, and all clients run Windows 10. The domain has two subdomains: • acct.corp.westsim.com • sales.corp.westsim.com The acct.corp.westsim.com zone is an Active Directory-integrated zone, while the sales.corp.westsim.com zone a primary zone. To improve name resolution, you set up DNS on the SRV3.acct.corp.westsim.com server. You create a secondary zone on that server pointing to the sales.corp.westsim.com zone. One day, you come to work to find that the primary server for the sales.corp.westsim.com zone has failed. You have a backup that was performed the previous night. You need to have a primary server online as quickly as possible while restoring as much of the zone data as possible. What should you do?

Convert the sales.corp.westsim.com secondary zone on SRV3 to a primary zone.

Your company has started the transition to IPv6. You need to configure records on the DNS server so that clients can submit a host name query and receive back an IPv6 address for the specified host. What should you do?

Create AAAA records.

Your company has started the transition to IPv6. You need to configure records on the DNS server so that clients can submit an IPv6 address and receive back the host name for that computer. What should you do?

Create PTR records.

Your company uses the internet domain westsim.com. Your network has a single Active Directory domain named westsim.local. You manage your network's DNS servers for the westsim.com zone and the westsim.local zone. All Domain Name Service (DNS) servers on your network run Windows Server 2016. Your company's Asia division wants its own internet namespace, and it also wants to manage its own DNS servers. The division will use asia.westsim.com as its internet domain name. You want to minimize administrative effort and communication between the two divisions as the Asia division installs DNS servers. To support this goal, you need to make appropriate configurations on the DNS servers that you manage. What should you do?

Create and configure a stub zone named asia.westsim.com.

Your private network consists of several domains. The forest root domain is called westsim.local. Additional domains represent each department (such as accounting.westsim.local and sales.westsim.local). All domains are in the same DNS tree. Servers on your network provide DHCP, DNS, and WINS. During a recent upgrade, you decide to upgrade all servers to Windows Server 2016 and all client computers to Windows 10. As part of the upgrade, you remove the WINS servers from the network, and disable NetBT on all client computers. Users have been used to contacting three servers using a single-label name. These servers are named as follows: • file.it.westsim.local • graphics.art.westsim.local • iweb.hr.westsim.local You want to allow all users company-wide to be able to contact these servers using the names file1, graphics, and iweb. What should you do?

Create the GlobalNames zone. Configure CNAME records in the zone for the three records.

Your private network consists of several domains. The forest root domain is called westsim.local. Additional domains represent each department (such as accounting.westsim.local and sales.westsim.local). All domains are in the same DNS tree, and all DNS servers run Windows Server 2016. All client computers run Windows 10. Each client computer is a member of the department domain. You have an intranet server whose fully qualified name is iweb.it.westsim.local and IP address is 192.168.199.12. You want all users in the company to be able to access this server using the URL: http://iweb. What should you do?

Create the GlobalNames zone. Create a CNAME record in the zone pointing to iweb.it.westsim.local.

You want to implement a protocol on your Network that allows computers to find the IP address of a host using a logical name. Which protocol should you implement?

DNS

You manage the branch office for your company network. The branch office consists of two subnets and 10 host computers. You use static addressing for all hosts on both subnets. To provide name resolution between subnets, you configure static entries on each computer. As the network grows, you decide to implement dynamic services. You configure a Windows Server 2016 server as a DHCP and DNS server. You configure a DNS zone and DHCP scopes. You configure DHCP options on the DHCP server to deliver the IP address of the DNS server to all hosts. You configure each client to get IP address and DNS server information from the DHCP server. You need to configure each client so that it no longer uses static entries for name resolution. What should you do?

Delete the hosts file on each client.

You are the manager for the westsim.com domain. All computers are members of the westsim.com domain. A single Windows Server 2016 server is the domain controller and DNS server for the domain. You have recently installed a new server, srv12, with the IP address 192.168.3.199/24. You need to manually create a record in the DNS database that provides IP address-to-hostname resolution. Which command should you use?

Dnscmd /recordadd 3.168.192.in-addr.arpa 199 PTR srv12.westsim.com

You manage a network with two locations, Denver and Phoenix. 80th sites are connected with a WAN link. The network uses westsim.private as the domain name. The DNS1 server is located in the Denver location and has the primary copy for the westsim.private zone. The DNS2 server is located in Phoenix and is a secondary server for the zone. You notice that when you add new A records to the zone, users in Phoenix are unable to resolve the hostname for the new host for up to 15 minutes after the record has been added. You want to reduce this time so that hostnames can be resolved in Phoenix as soon as possible. What should you do? (Select two. Each choice is a complete solution.)

Edit the zone properties on DNS1. On the Zone Transfers tab, configure the zone to automatically notify listed name servers.

You manage a network with two locations. The main office is in Phoenix, and a branch office is in Tulsa. SRV1 is a DNS server in Phoenix. SRVI holds the primary zone for the eastsim.local zone. To improve name resolution requests in the branch office, you place a secondary copy of the zone on SRV5 in the Tulsa location. Due to recent expansion, you are adding more servers to the Phoenix location. For each server, you manually create the A and PTR records. You find that after you add the server, computers in the Tulsa location are unable to contact the new servers for up to 10 minutes. You want to make sure that hosts in Tulsa can contact these servers using DNS as quickly as possible. What should you do?

Enable DNS Notify options on the zone in SRV1.

Mary is in charge of DNS administration for her network. The private network consists of a single Active Directory domain called private.westsim.com. DNS data is stored in an Active Directory-integrated zone. The sales department has just installed a web server called SalesWeb. This server will host an intranet site for use by the sales team. They want this server to be accessible using the URL sales.westsim.com. What should Mary do?

In the westsim.com domain, create a CNAME record called Sales. Identify SalesWeb.private.westsim.com as the target.

Emma is a system administrator for WestSim Corporation. The network has multiple domains with DNS and DHCP services configured in each domain. All servers are running Windows Server 2012 R2 and all clients are running Windows 8. All hosts are members of the acct.westsim.com domain, the records of which are stored in a primary zone. As part of a new security initiative, The IT department has developed a custom application that reports the host name of each client tries to access three sensitive servers in the Accounting department. Emma has been asked to test the new application. During a random test, she finds that the program is not reporting the host names for some clients, even though it properly records their IP addresses. Emma realized that the custom application submits reverse lookup request to the DNS server to discover the host name for the specified IP address. She also realizes that clients whose host names could not be notified have manually configured static IP addresses on subnet 192.168.3.0, using a default subnet mask. What should you do?

Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.

Your organization's IT department has developed a custom application that reports the hostname of each client that tries to access three servers in the accounting depart that store sensitive information. You do a random test and find that the program is not reporting the host names for some clients even though it properly records their IP addresses. This is because the custom application submits reverse lookup requests to the DNS server to discover the host names for the specified IP addresses. As you investigate further, you learn that the clients whose hostnames could not be reported have static IP addresses and are on subnet 192.168.3.0. What should you do?

Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.

You manage the DNS infrastructure for your network. Server DNSI holds a primary zone for the research.westsim.com domain. Server DNS2 holds a primary zone for the sales.westsim.com domain. 80th servers are also domain controllers. Computers configured to use DNSI as the preferred DNS server are unable to resolve names for hosts in the sales.westsim.com domain. You need to enable DNS1 to resolve names for hosts in that domain. Your company security policy states that DNS zone transfers are not allowed between DNS1 and DNS2. What should you do?

On DNS1, configure a conditional forwarder for sales.westsim.com.

You manage a network with a main office and one branch office. Each office has its own internet connection, and the offices are connected with a WAN link. All computers in the main office are members of the westsim.private domain. All computers in the branch office are members of the tulsa.westsim.private domain. The DNS1 server in the main office holds a primary zone for the westsim.private domain, while the DNS2 server in the branch office holds the primary zone for the tulsa.westsim.private domain. Clients in the branch office are able to resolve hostnames for the tulsa.westsim.private domain and for all internet hosts. However, they cannot resolve hostnames for hosts in the westsim.private domain. You need to allow hosts in the branch office to resolve names for hosts in the main office while still allowing internet name resolution and minimizing WAN traffic. What should you do?

On DNS2, configure a conditional forwarder for the westsim.private domain to forward all requests to DNS1.

Your network has a single domain named southsim.com. All client computers run Windows 10.DNS data for the domain is stored on the following servers: • DNS1 holds the primary zone for southsim.com. • DNS2 and DNS3 hold secondary zones for southsim.com. All three DNS servers are located on domain controllers. The DNS zone for the domain is configured to allow dynamic updates. You want to allow client computers to send DNS updates to any of the three servers and allow any of the three servers to update DNS records in the zone. What should you do?

On all three servers, change the zone type of the DNS zone to Active Directory-integrated.

You are the network administrator for westsim.com. The network consists of Active Directory domains named westsim.com and sales.westsim.com. The DNS servers in the westsim.com domain are authoritative for the westsim.com DNS domain. The DNS servers in the sales.westsim.com domain are authoritative for the sales.westsim.com DNS domain. All the servers run Windows Server 2016. All the clients run Windows 10. The company plans to implement a new domain named private.westsim.com. You need to design the DNS infrastructure to support the new domain. Your solution must meet the following requirements: • The DNS servers in private.westsim.com must be authoritative for the private.westsim.com DNS domain. • All clients in the forest must be able to resolve private.westsim.com fully qualified domain names (FQDNs). • DNS servers in the westsim.com and sales.westsim.com domains should not be authoritative for the private.westsim.com domain and should not contain any records for nodes in the private.westsim.com. You install Active Directory, create the new domain, and verify that DNS is working within the private.westsim.com domain. What should you do next?

On the DNS servers in westsim.com, you should create a delegation for private.westsim.com and point the delegation to the DNS servers that are authoritative for private.westsim.com.

You want to provide single-label name resolution on your network. You have a domain controller named DC3 that is also a DNS server. You take the following actions on DC3: 1. You enable GlobalNames support on DC3. 2. You create the GlobalNames zone as an Active Directory-integrated zone. 3. You manually create CNAME records for each host that requires single-label name resolution. All other settings use the default settings. DC3 is able to resolve single-label name requests successfully. You have two additional domain controllers in the same forest that are also DNS servers (DC7 and DC9). Single-label name requests sent to these other servers are not resolved correctly. You want these two servers to be able to resolve single-label names. What should you do?

Run dnscmd with the /enableglobalnamessupport 1 option on both servers.

You need to create a DNS record that identifies a service, protocol, and port number. Which record type would you create?

SRV (service)

Your organization uses one primary DNS zone that is backed up by seven secondary DNS zones on other servers. You haven't made any changes to your primary zone. However, you want to be sure that all of your secondaries are up to date. To do this, you want to force a zone transfer to the secondary zones as soon as possible. Click the option in the zone properties that you would use to force a zone transfer.

Serial number / Increment.

You are creating a new DNS zone. To protect your zone data from wire sniffers, your organization's security policy specifies that only secure zone transfers are allowed. Click the option you must use to configure this.

Store the zone in Active Directory (available only if DNS server is a writeable domain Controller)


Related study sets

Example CPDT Questions - Learning theory

View Set

Module Six Masonry Units and Installation Techniques

View Set