1.4 Domain Name Systems Flashcards

1
Q

What does DNS stand for?

A

Domain Name System

2
Q

What are the two software components used in Windows Server 2008 DNS?

A
  • DNS server
  • DNS client (or resolver)
3
Q

Why is DNS important for network users?

A

It maps user-friendly alphanumeric names to numeric IP addresses.

4
Q

What layer of the TCP/IP reference model does DNS operate in?

A

Application layer

5
Q

What is the default name resolution service in a Windows Server 2008 network?

A

Windows Server 2008 DNS

6
Q

What is the role of the DNS Client service in Windows Server 2008?

A

It contacts a DNS server to resolve a network host name to an IP address.

7
Q

How does Active Directory Domain Services (AD DS) utilize DNS?

A

It uses DNS to locate domain controllers for authentication and other operations.

8
Q

What is the difference between DNS and WINS?

A

DNS is hierarchical while WINS is a flat namespace.

9
Q

What does DHCP provide for Windows Server 2008 DNS?

A

Default support to register and update information for legacy DHCP clients in DNS zones.

10
Q

What does a Domain Name System (DNS) do?

A

Translates a domain name to an IP address.

11
Q

What are the types of DNS records?

A
  • NS record (name server)
  • MX record (mail exchange)
  • A record (address)
  • CNAME (canonical)
12
Q

True or False: DNS servers can cache mappings.

A

True

13
Q

What is a fully qualified domain name (FQDN)?

A

It uniquely identifies a host’s position within the DNS hierarchical tree.

14
Q

What is the top of the DNS domain name hierarchy called?

A

Root domain

15
Q

What type of domain is ‘microsoft.com’ considered?

A

Second-level domain

16
Q

What is the purpose of a Start of Authority (SOA) record?

A

It identifies a primary DNS name server for the zone.

17
Q

Fill in the blank: The DNS database consists of ______.

A

resource records (RRs)

18
Q

What are common types of DNS resource records?

A
  • A
  • NS
  • MX
  • CNAME
19
Q

What is the primary function of the DNS server?

A

To resolve domain names to IP addresses.

20
Q

What can introduce delays when accessing a DNS server?

A

The need to contact the DNS server and potential propagation delays.

21
Q

What are DNS top-level domains (TLDs)?

A

They indicate the type of organization or country/region.

22
Q

True or False: DNS management is simple and straightforward.

A

False

23
Q

What is the main disadvantage of DNS?

A

It can be complex to manage and is vulnerable to DDoS attacks.

24
Q

What RFCs are foundational for DNS?

A
  • RFC 1034
  • RFC 1035
25
What is a subdomain?
Additional names derived from a registered second-level domain.
26
How does DNS support hierarchical names?
It allows registration of various data types in addition to host name-to-IP address mapping.
27
What does a CNAME record do?
Points a name to another name or to an A record.
28
What is the root domain of a DNS zone?
The specific domain name that anchors a zone.
29
What does a DNS server need to be considered authoritative for a name?
It must load the zone containing that name.
30
What is the first record in any zone file?
Start of Authority (SOA) RR.
31
What does the SOA RR identify?
A primary DNS name server for the zone.
32
What is DNS delegation?
Assigning responsibility for a portion of a DNS namespace to a different DNS server.
33
What resource record represents DNS delegation?
NS resource record.
34
What are the primary reasons to delegate a DNS namespace?
  • Need to delegate management to multiple organizations.
  • Need to distribute load among DNS servers.
  • Need to allow for a host’s organizational affiliation.
35
How does a DNS server facilitate delegation?
By using NS RRs to identify DNS servers for each zone.
36
What types of zones can represent the same portion of the DNS namespace?
  • Primary
  • Secondary
  • Stub
37
What is a primary zone in DNS?
A zone where all updates for records are made.
38
What is a secondary zone?
A read-only copy of the primary zone.
39
What is a stub zone?
A read-only copy of the primary zone containing only the resource records identifying authoritative DNS servers.
40
What is zone transfer?
The process of replicating a zone file to multiple DNS servers.
41
What is the role of the master DNS server in zone transfer?
It is the source of the zone information during a transfer.
42
What are the two types of zone file replication?
  • Full zone transfer (AXFR)
  • Incremental zone transfer (IXFR)
43
What is a recursive DNS query?
A query that forces a DNS server to respond with either a failure or success response.
44
What is an iterative DNS query?
A query where the DNS server responds with the best local information it has.
45
What is the Time-to-Live (TTL) in a resource record?
The length of time used by DNS servers to cache information before expiring it.
46
What happens if the TTL is set too short?
Increased utilization of DNS servers and network traffic.
47
What is the impact of setting the TTL to zero?
Significant impact on DNS server performance due to constant querying for expired data.
48
What type of updates does Windows Server 2008 support for the DNS database?
Both static and dynamic updates.
49
What does the DNS Client service architecture illustrate?
Name resolution and update operations.
50
What does the DNS Server service architecture illustrate?
Administration tools and the Windows Management Instrumentation (WMI) interface.
51
What does DNS stand for?
Domain Name Service
52
What is the primary purpose of DNS?
To identify resources on networks
53
In what year was the Domain Name System introduced?
November 1983
54
At which OSI layer does DNS operate?
Application layer
55
What port does DNS use?
53
56
Which RFCs define the DNS protocol?
  • RFC 1034
  • RFC 1035
57
What is the primary function of the Domain Name System?
To translate domain names to numerical IP addresses
58
What is a DNS name server?
A server that stores the DNS records for a domain
59
What types of records are commonly stored in the DNS database?
  • SOA
  • A and AAAA
  • MX
  • NS
  • PTR
  • CNAME
60
What does SOA stand for in DNS records?
Start of Authority
61
True or False: DNS is intended to be a general-purpose database.
False
62
What does DNSSEC stand for?
Domain Name System Security Extensions
63
What protocol did the Domain Name System originally use for transport?
User Datagram Protocol (UDP)
64
How does the DNS function as a 'phone book' for the Internet?
By translating human-friendly hostnames into IP addresses
65
What is the maximum length of a full domain name in DNS?
253 characters
66
What is the root zone in the DNS structure?
The top of the domain name hierarchy
67
What is the LDH rule in domain names?
Labels may only contain letters, digits, and hyphen
68
What system allows for the use of non-ASCII characters in domain names?
Internationalizing Domain Names in Applications (IDNA)
69
What is the role of authoritative name servers?
To provide definitive answers to DNS queries
70
What are the two types of authoritative name servers?
  • Primary server
  • Secondary server
71
What is a 'lame delegation' in DNS?
When a name server is designated as authoritative for a domain it does not have data for
72
What is the process called when a DNS resolver queries multiple servers to obtain an answer?
Iterative resolution
73
What is the purpose of caching in DNS?
To improve efficiency and reduce traffic on root servers
74
What does the AA bit in DNS responses indicate?
The server is providing authoritative answers
75
Fill in the blank: The DNS database is conventionally stored in a _______.
zone file
76
Who developed the first ARPANET directory?
Elizabeth Feinler
77
What is the function of the WHOIS directory?
To retrieve information about resources, contacts, and entities
78
What are the top-level domains (TLDs) in DNS?
The right-most labels in domain names, such as .com or .edu
79
What is the role of the Internet Engineering Task Force in the context of DNS?
To publish specifications for DNS protocols
80
What does the term 'zone' refer to in DNS?
A subdomain under the administrative control of a name server
81
How many levels can the tree of domain subdivisions have?
Up to 127 levels
82
What is the role of root name servers in the DNS?
Root name servers are involved in only a relatively small fraction of all requests.
83
What are recursive and caching name servers used for?
To improve efficiency, reduce DNS traffic, and increase performance in end-user applications.
84
What is the purpose of DNS cache servers?
They store DNS query results for a period of time determined by the time-to-live (TTL) of the domain name record.
85
What is a DNS resolver?
The client side of the DNS responsible for initiating and sequencing queries for resource resolution.
86
Define a non-recursive query.
A query where a DNS resolver queries a DNS server that provides a record without querying other servers.
87
What is a recursive query?
A query where a DNS resolver queries a single DNS server that may query other servers on behalf of the requester.
88
What is the difference between iterative and recursive queries?
In iterative queries, each server refers the client to the next server until resolved, while recursive queries are fully resolved by one server.
89
What are glue records?
Records that provide the IP address of an authoritative name server mentioned in a delegation to break circular dependencies.
90
How does record caching work in DNS?
It stores results of name resolution locally with a time to live (TTL) to reduce load on DNS servers.
91
What is a reverse DNS lookup?
A query of the DNS for domain names when the IP address is known.
92
What is the format for storing IP addresses in reverse lookups for IPv4?
IP addresses are stored in reverse-ordered octet representation in PTR records under in-addr.arpa.
93
What happens if a DNS resolver does not find a record?
It may cache the negative result based on the TTL of the SOA record.
94
What is the typical structure of a DNS message?
Each DNS message consists of a header and four sections: question, answer, authority, and additional.
95
What is the significance of the TTL in DNS records?
TTL indicates how long the information remains valid before needing to be refreshed.
96
What are some common DNS record types?
  • A
  • AAAA
  • MX
  • TXT
97
What is dynamic DNS (DDNS)?
It updates a DNS server with a client IP address on-the-fly.
98
True or False: The DNS protocol uses different formats for queries and responses.
False
99
What is the function of MX records in DNS?
They provide a mapping between a domain and a mail exchanger.
100
Fill in the blank: A _______ is a combination of the name server and IP address.
glue record
101
What are authoritative name servers?
Servers that provide DNS records for which they are responsible.
102
How does a DNS resolver handle requests?
It checks its cache first, then queries designated DNS servers if the answer is not found.
103
What is the function of the identification field in a DNS message header?
It matches responses with queries.
104
What is DNSSEC?
A security extension for DNS that adds support for cryptographically signed responses
Footnote: DNSSEC helps protect against certain types of attacks such as DNS cache poisoning.
105
What is the purpose of the TYPE field in a Resource Record (RR)?
Indicates the format of the data and its intended use
Footnote: Examples include A records for IPv4 addresses, NS records for name servers, and MX records for mail servers.
106
What does the CLASS field in a Resource Record specify?
The class code of the record, typically set to IN for Internet
Footnote: Other classes include Chaos (CH) and Hesiod (HS).
107
What are wildcard DNS records?
Records that specify names starting with an asterisk, *, to match multiple subdomains
Footnote: They generate resource records within a DNS zone by substituting whole labels.
108
What is the function of the UPDATE DNS opcode?
Used to add or remove resource records dynamically from a zone database
Footnote: Useful for registering network clients in DNS when they become available.
109
What transport protocols does DNS use?
User Datagram Protocol (UDP) and Transmission Control Protocol (TCP)
Footnote: UDP is used for queries, while TCP is used for larger responses and zone transfers.
110
What is DNS over TLS (DoT)?
An IETF standard for encrypted DNS using TLS to protect the entire connection
Footnote: DoT servers listen on TCP port 853.
111
What does DNS over HTTPS (DoH) do?
Tunnels DNS query data over HTTPS, which transports HTTP over TLS
Footnote: It uses TCP port 443 to appear similar to web traffic.
112
What are the privacy properties of DNS over QUIC (DoQ)?
Similar to DoT with latency characteristics of classic DNS over UDP
Footnote: RFC 9250 describes this method.
113
What is DNSCrypt?
A protocol that introduces DNS encryption on the downstream side of recursive resolvers
Footnote: Clients encrypt query payloads using servers' public keys.
114
What is DNS cache poisoning?
A vulnerability where false data is distributed to caching resolvers
Footnote: This can redirect legitimate requests to malicious hosts.
115
What is an IDN homograph attack?
A type of spoofing where visually similar characters can mislead users
Footnote: For example, paypal.com vs paypa1.com.
116
What is DNSMessenger?
A cyber attack technique that uses DNS to communicate with malware
Footnote: It exploits DNS TXT records to send commands to infected systems.
117
What are the main approaches to counter privacy issues with DNS?
  • VPNs
  • Tor
  • Proxies and public DNS servers
Footnote: These methods aim to protect user privacy from local ISP surveillance.
118
Who oversees domain name registration?
The Internet Corporation for Assigned Names and Numbers (ICANN)
Footnote: ICANN accredits domain name registrars and oversees the name and number systems of the Internet.
119
What is a registrant in the context of domain names?
A person or organization that requests domain registration
Footnote: Registrant information is published using the WHOIS protocol.
120
What is a thick registry approach in domain name registration?
A model where WHOIS data is maintained in central registries
Footnote: Most Generic top-level domain (gTLD) registries have adopted this approach.
121
What is the maximum TTL for a Resource Record?
About 68 years (2^31 - 1 seconds)
Footnote: TTL stands for time-to-live and indicates how long a record is valid.
122
What does DENIC stand for?
German NIC
Footnote: DENIC is the central registry for the .de domain in Germany.
123
What is the thick registry approach?
Keeping WHOIS data in central registries instead of registrar databases
Footnote: Adopted by most Generic top-level domain (gTLD) registries since about 2001.
124
Which top-level domains use a thin registry model?
COM and NET
Footnote: In this model, basic WHOIS data is held by the domain registry.
125
What basic WHOIS data is held by domain registries like GoDaddy and VeriSign?
Registrar and name servers
Footnote: This information is part of the thin registry model for COM and NET domains.
126
What is the role of the Public Interest Registry?
Exclusively manages the ORG domain
Footnote: ORG domain registrants use this registry specifically.
127
What are network information centers (NIC)?
Organizations that function as both registries and registrars
Footnote: They provide access to WHOIS datasets in addition to registering domain names.
128
What is a registry-registrar model?
A method where the registry manages the domain name database and relationships with registrars
Footnote: Used by top-level domain registries for COM, NET, and ORG.
129
In the registry-registrar model, who are the customers of the registrar?
Registrants (users of a domain name)
Footnote: Sometimes includes additional subcontracting of resellers.