1.8 Explain the functions of network services Flashcards
Which DNS record can be used for Security?
TXT (Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM))
Which DNS record is found in a reverse lookup zone?
PTR
What is an IP exclusion?
An IP address range not given out by the DHCP server.
What are some DNS services?
Hostname to IP address Translation
Host Aliasing
Mail server Aliasing
Load Distribution
List and name all DNS Record Types
10 in total
A (Host address)
AAAA (IPv6 host address)
ALIAS (Auto resolved alias)
CNAME (Canonical name for an alias)
MX (Mail eXchange)
NS (Name Server)
PTR (Pointer)
SOA (Start Of Authority)
SRV (location of service)
TXT (Descriptive text)
A Record
A records are the most basic type of DNS record and are used to point a domain or subdomain to an IP address. Assigning a value to an A record is as simple as providing your DNS management panel with the IP address to which the domain or subdomain should point and a TTL.
AAAA Record
An AAAA record maps a domain name to the IPv6 address of the computer hosting the domain. An AAAA record is used to find the IP address of a computer connected to the internet from a name.
RR Record
A resource record, commonly referred to as an RR, is the unit of information entry in DNS zone files; RRs are the basic building blocks of host-name and IP information and are used to resolve all DNS queries. Resource records come in a fairly wide variety of types in order to provide extended name-resolution services.
SPF Record
A Sender Policy Framework (SPF) record is a type of Domain Name Service (DNS) TXT record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to detect and prevent spammers from sending messages with forged From addresses on your domain.
TXT Record
A TXT record (short for text record) is a type of resource record in the Domain Name System (DNS) used to provide the ability to associate arbitrary text with a host or other name, such as human readable information about a server, network, data center, or other accounting information.
DKIM Record
DomainKeys Identified Mail (DKIM) is a process to validate sending domain names associated with email messages through cryptographic authentication. It achieves this by inserting a digital signature into the message header which is later verified by the receiving host to validate the authenticity of the sending domain.
SRV Record
The SRV record is a Domain Name System (DNS) resource record that is used to identify computers that host specific services. SRV resource records are used to locate domain controllers for Active Directory.
MX Record
Mail Exchange (MX) records are DNS records that are necessary for delivering email to your address. In simple DNS terms, an MX record is used to tell the world which mail servers accept incoming mail for your domain and where emails sent to your domain should be routed to.
CNAME Record
A CNAME is a Canonical Name record or alias record: a type of resource record in the Domain Name System (DNS) that specifies that one domain name is an alias of another, canonical domain name. Any system hosting a Web site must have an IP address in order to be connected to the World Wide Web.
NS Record
NS stands for ‘name server’ and this record indicates which DNS server is authoritative for that domain (which server contains the actual DNS records). A domain will often have multiple NS records which can indicate primary and backup name servers for that domain.
PTR Record
A pointer (PTR) record is a type of Domain Name System (DNS) record that resolves an IP address to a domain or host name, unlike an A record which points a domain name to an IP address. PTR records are used for the reverse DNS lookup. Using the IP address, you can get the associated domain or host name.
Internal DNS
The internal clients likely will be members of your internal domain and will use a local DNS server for name-resolution tasks.
External DNS
External DNS clients likely will be in a different domain and will use the Internet’s DNS servers to obtain information about your network. Managed by 3rd party.
Third-party/cloud-hosted DNS
Externally hosted DNS for an internal/private network. May provide additional capabilities (availability, latency, scalability). Not controlled/managed by you.
DNS Hierarchy
DNS uses a hierarchy to manage its distributed database system. The DNS hierarchy, also called the domain name space, is an inverted tree structure, much like eDirectory. The DNS tree has a single domain at the top of the structure called the root domain.
Dot (.) is the designation for the root domain.
Top level Domains (TLDs) & Country TLDs: .com, .net, .edu, .org, “country codes”, etc
2nd/3rd level domains: google, professormesser
DHCP MAC reservations
Static DHCP entry assigning a specific IP address to a specific MAC address. Using MAC reservations has the effect of using DHCP to assign a static IP to specific devices, but doesn’t require manually assigning a static IP to the device.
DHCP Pool
A group of IP addresses. Usually a separate pool for each subnet. Each subnet has its own scope:
* 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24, etc.
DHCP Scope
A pool of contiguous IP addresses
Exceptions can be made inside a scope
DHCP Scope Options
Scope options are used to set additional network information when a host is assigned an IP address:
IP address range, subnet mask, lease duration, DNS, default gateway, WINS server
DHCP IP exclusions
An exclusion removes an IP address or range of IP addresses from the pool of addresses that are given out by the DHCP server. The server will not give out excluded addresses. Therefore, a reservation should be used if a machine has a static IP address that falls within the DHCP address pool.
DHCP Lease time
The DHCP lease is how long a device reserves an IP address on your network. The DHCP timer will try to renew a lease when the lease is 50% expired.
DHCP relay/IP helper
Sends DHCP requests across broadcast domains
DNS TTL
TTL (Time to Live) is a setting for each DNS record that specifies how long a resolver is supposed to cache (or remember) the DNS query before the query expires and a new one needs to be done.
NTP
Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. NTP is one of the oldest Internet protocols in current use.
NTP Stratum - accuracy level of the NTP source
Sync’ed clocks good for log files & authentication (Kerberos tickets)
IPAM
IP Address Management is an integrated suite of tools to enable end-to-end planning, deploying, managing and monitoring of your IP address infrastructure, with a rich user experience.