2. Configuring Names Resolution (22 percent)

Question 1

What is LLMNR?

Answer 1

LOCAL LINK MULTICAST NAME RESOLTION

Enabled on WIN 7 and windows 8

works on local subnet

multicasts not broad casts

Question 2

What is NETBIOS?

Answer 2

Uses Broadcasts WINS LMHosts

Question 3

Netbios Node types?

Answer 3

b node broadcast

p node point to point (uses WINS)

m node mixed broad cast & Wins

h node hybrid cast & Wins then LMHosts (default)

Question 4

Netbios large organizations?

Answer 4

use push pull replication

Question 5

What are the ZONES used by DNS?

Answer 5

Primary zone

Secondary zone

Stub zone

Question 6

What is a primary zone?

Answer 6

Primary zone

When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. When the zone is stored in a file, by default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.

Question 7

What is a Secondary zone?

Answer 7

Secondary zone

When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD DS.

Question 8

What is a stub zone?

Answer 8

Stub zone

When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone. This DNS server must have network access to the remote DNS server to copy the authoritative name server information about the zone.

NS & assosiated a records

Question 9

What is a resolver?

Answer 9

The requesting client

Question 10

What replacement for NETBIOS/WINS?

Answer 10

GMZ

Global Names Zone

Create a new zone called ‘GLOBALNAMES’

to enable use cmd

dnscmd . /config /enableglobalnamessupport 1

. is local server else use name of the server

0 disable

1 enable

Question 11

Ipconfig?

Answer 11

/registerdns : register client on DNS

/release - /renew

/flushdns :clearcache :

Question 12

AAAA

Answer 12

Host record for IPv6

Forwards

(same as A record)

Question 13

CMD install DNS on CORE?

Answer 13

start /locsetup DNS-Server-Core-Role

Using /w prevents the command prompt from returning until the installation completes. Without /w, there is no indication that the installation completed.

Case sensitive

Question 14

CORE: Add zone

Answer 14

dnscmd /Zoneadd

Syntax

dnscmd [ServerName] /zoneadd ZoneName ZoneType [/dp FQDN| {/domain|/enterprise|/legacy}] /load

Example

dnscmd dnssvr1.contoso.com /zoneadd test.contoso.com /dsprimary

Question 15

CORE: Add record

Answer 15

dnscmd recordadd

Syntax

dnscmd [ServerName] /recordadd ZoneName NodeName RRType RRData

Example

dnscmd dnssvr1.contoso.com /recordadd contoso.com test A 10.0.0.5

Question 16

CORE: Update AD DNS

Answer 16

dns /zoneupdatefromdns

dnscmd ServerName /zoneupdatefromds ZoneName

Question 17

CMD: Server dns using old host

Answer 17

dnscmd /clearcache

Question 18

Difference between a conditional forwarder and a forwarder?

Answer 18

a forwarder forwards all external (internet) dns queries to another dns server
a conditional forwarder checks the query first and depending on the requested domain he sends it to another server or resolves it himself

Question 19

dnscmd cmd to tighten security

Answer 19

dnscmd /config /CachLockingPercent 90

Prevent malisious overwriting DNS Cache with spoofed hosts

dnscmd /config /SocketPoolSize 5000

Source port randomization is a method that can be used to protect against DNS cache poisoning attacks.

cache poisoning :

Question 20

How to check/start SRV records in promoted DC sever….

Answer 20

1. Restart the Netlogon service on domain controller.
2. Run DcDiag /fix
3. Run NetDiag /ifx
4. Re-register from Netlogon.dns file in \Windows or Winnt\System32\Config directory.

The SRV Records of a domain controller in the domain plays an important role in Active Directory. Active Directory can not work without a DNS server. The DNS server in Active Directory is used to locate Domain Controllers in the forest or domain with the help of SRV records. Service Records or SRV records are registered specifically for domain controllers when you promote a member server to domain controller. The Netlogon service on domain controller is responsible to register SRV records.