Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Windows Server > Chapter 4 > Flashcards

Chapter 4 Flashcards

1
Q

Your company’s internal namespace is westsim.local. This domain has two additional child domains named
support.westsim.local and research.westsim.local. Due to security concerns, your company’s internal
network is not connected to the Internet.
Following are the DNS servers that you manage for your company:

Dns1, authoritative for . and westsim.local, IP address = 192.168.1.1
Dns2, authoritative for support.westsim.local, IP address = 192.168.2.1
Dns3, authoritative for research.westsim.local, IP address = 192.168.3.1
All internal DNS domains are Active Directory-integrated domains. You have configured Dns1 with appropriate
delegation records for the child zones. You need to configure root hints for Dns2 and Dns3.
What should you do?

Copy the Cache.dns file from Dns1 to Dns2 and Dns3.
In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, select the Copy from server option, and specify 192.168.1.1 as the server to copy from.
In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, remove all entries, then
add an entry for Dns1.
Edit the Cache.dns file on Dns1. Delete all entries in the file.

A

In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, remove all entries, then
add an entry for Dns1.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Your Active Directory network uses an internal DNS namespace of private.westsim.com. Several other
Active Directory domains also exist, which are children to the private.westsim.com domain. On the
Internet, your company uses westsim.com for its public domain name.
Your company manages its own DNS servers that are authoritative for the westsim.com zone. The
private.westsim.com zone has been delegated to your company’s Active Directory domain controllers,
which are also DNS servers.
Computers that are members of the private.westsim.com domain and all child domains must be able to
resolve DNS names of Internet resources. However, to help secure your network, DNS queries for resources
in the private.westsim.com domain and all child domains must never be sent to Internet DNS servers.
Queries for Internet names must go first to your public DNS server that is authoritative for the westsim.com
domain. You need to configure your company’s DNS servers to meet these requirements.
What should you do? (Choose two. Each correct choice is part of the solution.)

Delete root hints to Internet DNS servers on all DNS servers that are authoritative for the
private.westsim.com zone or any child zone.

Delete root hints to Internet DNS servers on all DNS servers that are authoritative for the westsim.com
zone.

Configure root hints to Internet DNS servers on all DNS servers that are authoritative for the
private.westsim.com zone or any child zone.

On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a
forwarders list. Forward to DNS servers that are authoritative for the parent zone.

On all DNS servers that are authoritative for the westsim.com zone or any child zone, create a
forwarders list. Forward to DNS servers that are authoritative for the child zone.

A

Delete root hints to Internet DNS servers on all DNS servers that are authoritative for the private.westsim.com zone or any child zone.

On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a
forwarders list. Forward to DNS servers that are authoritative for the parent zone.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You are the systems administrator for WestSim Corporation. You have been assigned to set up a new branch
office in Tulsa. The branch will be represented by a single domain.
You install a single DNS server called TulsaDNS and configure a primary zone for the branch office domain.
You test name resolution and find that hosts can only resolve names for hosts within the domain. You need to
enable clients in the Tulsa location to resolve names for hosts in other domains within your private network.
You would like to minimize traffic across the WAN link between the sites.
What should you do?

Configure TulsaDNS with root hints.
Configure TulsaDNS as a caching-only server.
Configure network clients to use a DNS server located on the rest of the network.
Configure TulsaDNS to use forwarders.

A

Configure TulsaDNS to use forwarders.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

You administer a branch office connected to the main headquarters with a WAN link. Servers in the branch
office provide DNS and DHCP services. The company network has multiple domains, with a single domain
representing the branch office.
A DNS server called DC1 at the branch office holds the primary zone for the branch domain but holds no
other zone files. DNS servers at headquarters provide name resolution for hosts in other domains.
One day, you come to work to find a number of customer service complaints. They all report something
similar-clients can resolve local host names, but cannot resolve host names for other domains on the
network.
You contact the enterprise administrator and are told that the IP address for the DNS server that was being
used previously as a forwarder for the branch office has been changed to 10.155.11.15.
What should you do to fix the problem?

Modify the DHCP scope properties so that clients use 10.155.11.15 for name resolution.
Configure DC1 as a caching-only server.
Manually configure each client to use 10.155.11.15 for name resolution.
Change the primary zone on DC1 to an Active Directory integrated zone.
Configure DC1 to forward name resolution requests to 10.155.11.15.

A

Configure DC1 to forward name resolution requests to 10.155.11.15.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You manage a network with a main office and one branch office. Each office has its own Internet connection,
and the two offices are connected with a WAN link.
All computers in the main office are members of the westsim.private domain. All computers in the branch
office are members of the tulsa.westsim.private domain.
The DNS1 server in the main office holds a primary zone for the westsim.private domain, while the DNS2
server in the branch office holds the primary zone for the tulsa.westsim.private domain.
Clients in the branch office are able to resolve hostnames for the tulsa.westsim.private domain and for all
Internet hosts. However, they cannot resolve hostnames for hosts in the westsim.private domain.
You need to allow hosts in the branch office to resolve names for hosts in the main office, while still allowing
Internet name resolution and minimizing WAN traffic.
What should you do?

On DNS2, configure a conditional forwarder for the westsim.private domain to forward all requests to
DNS1.
On DNS2, delete the root hints.
On DNS2, add DNS1 as a forwarder. Disable the use of root hints.
On DNS1, add a root zone.

A

On DNS2, configure a conditional forwarder for the westsim.private domain to forward all requests to
DNS1.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

You manage the DNS servers for the eastsim.com domain. You have a domain controller named DC1 that
holds an Active Directory-integrated zone for the eastsim.com zone.
You have opened a new branch office in Denver. The DNS namespace will use the denver.eastsim.com
domain for the branch office. You want to configure a server in the Denver location to hold all DNS records for
computers in that domain. An administrator in the Denver office will manage the new domain.
What should you do?

In the DNS console on DC1, create a conditional forwarder for denver.eastsim.com.
In the DNS console on DC1, create a zone delegation for denver.eastsim.com.
In the DNS console on DC1, create a secondary zone for denver.eastsim.com.
In the DNS console on DC1, create a primary standard zone for denver.eastsim.com.

A

In the DNS console on DC1, create a zone delegation for denver.eastsim.com.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

You manage the DNS servers for the eastsim.com domain. You have a domain controller named DNSl that
holds a standard primary zone for the eastsim.com zone.
You would like to configure DNSl to use forwarders for all unknown zones.
You edit the DNS server properties for DNSl. On the forwarders tab, you find that the Use root hints if no
forwarders are available option is disabled. You also find you are unable to edit the forwarders list.
What should you do?

Configure root hints on DNSl.
Change the eastsim.com domain to an Active Directory-integrated zone.
Enable recursion on DNSl.
Configure conditional forwarders.

A

Enable recursion on DNSl.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

You are the DNS manager for the southsim.com domain.
You want to configure your single DNS server so that it never uses forwarders for name resolution.
What should you do?

Configure the server’s network connection to use 127.0.0.1 as the only listed DNS server. Remove any other DNS servers.
On the DNS server, disable recursion.
On the DNS server, delete all of the root hint servers from the root hints list.
On the DNS server, disable round robin.

A

On the DNS server, disable recursion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

You manage the DNS infrastructure for your network. Server Dnsl holds a primary zone for the
westsim.com domain. Server Dns2 holds a primary zone for the sales.westsim.com domain. Both servers
are also domain controllers.
Computers configured to use Dns1 as the preferred DNS server are unable to resolve names for hosts in the
sales.westsim.com domain. You need to enable Dns1 to resolve names for hosts in that domain. Zone data
for the sales.westsim.com domain should not be stored on the Dns1 server.
What should you do?

On Dns2, convert the sales.westsim.com zone to an Active Directory-integrated zone.
On Dns2, create a zone delegation for westsim.com.
On Dns1, create a zone delegation for sales.westsim.com.
On Dns1, configure a secondary zone for the sales.westsim.com zone.

A

On Dnsl, create a zone delegation for sales.westsim.com.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

You manage the DNS infrastructure for your network. Server Dns1 holds a primary zone for the
research.westsim.com domain. Server Dns2 holds a primary zone for the sales.westsim.com domain.
Both servers are also domain controllers.
Computers configured to use Dns1 as the preferred DNS server are unable to resolve names for hosts in the
sales.westsim.com domain. You need to enable Dns1 to resolve names for hosts in that domain. Your
company security policy states that DNS zone transfers are not allowed between Dns1 and Dns2.
What should you do?
On Dns1, configure a zone delegation for sales.westsim.com.
On Dns1, configure a secondary zone for sales.westsim.com.
On Dns1, configure a conditional forwarder for sales.westsim.com.
On Dns1, configure a stub zone for sales.westsim.com.

A

On Dns1, configure a conditional forwarder for sales.westsim.com.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

You have a computer that runs Windows 8 connected to a domain network.
After reconfiguring the static address of an internal Web server named WEB3, your computer can no longer
connect to WEBB. However, other users are still able to connect to the same Web server.
You need to be able to connect to the website on the WEB3 server.
What should you do?

Run ipconfig /flushdns.
Run ipconfig /renew.
Assign an IP address to WEB3 that is not already assigned to another computer.
Enable Network Discovery.

A

Run ipconfig /flushdns.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Your network has a single Active Directory domain named westsim.local. All westsim.local authoritative
DNS servers are configured to forward DNS requests across a firewall to a public DNS server. All client
computers are members of the westsim.local Active Directory domain, and are configured to use
westsim.local authoritative DNS servers.
Your company has opened one new site in South America. The South America site has its own Internet
connection, and uses a dedicated wide area network (WAN) link to company headquarters in North America
for intranet traffic.
The WAN link between company headquarters in North America and the South America site is expensive and
somewhat unreliable. DNS traffic across this WAN link must be minimized. You need to make appropriate
DNS configurations to meet this requirement.
What should you do? (Choose two. Each choice is part of the correct solution.)

Install a DNS server with no zones in the South America site. Configure the server to forward all DNS
requests to westsim.local authoritative DNS servers.

Configure all client computers in the South America site to use westsim.local authoritative DNS servers at company headquarters.

Install a westsim.local authoritative DNS server in the South America site. Configure the server to
forward all DNS requests that are unrelated to the westsim.local DNS domain to the local Internet
service provider’s DNS server.

Configure all client computers in the South America site to use the new DNS server in the South America
site.

Configure all client computers in the South America site to use the local Internet service provider’s DNS
server.

Install a DNS server with no zones in the South America site. Configure the server to conditionally
forward westsim.local DNS requests to westsim.local authoritative DNS servers and to forward all
other DNS requests to the local Internet service provider’s DNS server.

A

Configure all client computers in the South America site to use the new DNS server in the South America
site.

Install a DNS server with no zones in the South America site. Configure the server to conditionally
forward westsim.local DNS requests to westsim.local authoritative DNS servers and to forward all
other DNS requests to the local Internet service provider’s DNS server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Your network has a single Active Directory domain named westsim.local. All westsim.local authoritative
DNS servers are configured to forward DNS requests across a firewall to a public DNS server. All client
computers are members of the westsim.local Active Directory domain, and are configured to use
westsim.local authoritative DNS servers.
A new site in Seattle has just opened. The Seattle site is connected to company headquarters using a virtual
private networking (VPN) connection. Company policy states that all client computers in all sites must receive
Internet access through a high speed Internet connection at company headquarters. You want to minimize
unnecessary DNS traffic across the VPN connection and configure DNS appropriately to meet company policy.
What should you do? (Choose two. Each choice is part of the correct solution.)

Configure the new DNS server to conditionally forward westsim.local DNS requests to westsim.local
authoritative DNS servers at company headquarters and to use root hints to resolve all other DNS requests.

Install a westsim.local authoritative DNS server in the Seattle site.

Configure the new DNS server to forward all DNS requests across the company firewall to a public DNS server.

Install a caching-only DNS server in the Seattle site.

Configure the new DNS server to forward all DNS requests to westsim.local authoritative DNS servers at company headquarters.

A

Install a caching-only DNS server in the Seattle site.

Configure the new DNS server to forward all DNS requests to westsim.local authoritative DNS servers at company headquarters.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Mary is the network administrator for the Seattle location of the WestSim Corporation. The Seattle location
has a direct connection to the Portland location. The rest of the company’s network is accessible through the
link to the Portland site.
Currently, computers in the Seattle location use the WSDNS4 server in the Portland location for DNS name
resolution. This server hosts secondary zones for the entire network. A DHCP server in the Seattle location
configures each client to use WSDNS4 for name resolution.
Because of network congestion, the enterprise administrator instructs Mary to configure a caching-only server
at the Seattle location. Mary installs the DNS service on the SEA7 server.
What must Mary do to complete the configuration? (Choose two. Each choice is part of the correct solution.)

Configure SEA7 to use WSDNS4 as a root hints server.
Configure SEA7 to use WSDNS4 as a forwarder.
Manually add SEA7 to the list of DNS servers on each client.
Modify the DHCP options so that clients use SEA7 for DNS lookups.
Configure secondary zones on SEA7 to replicate the secondary zones held on WSDNS4.
Configure root hints on SEA7 that point to Internet root zone servers.

A

Configure SEA7 to use WSDNS4 as a forwarder.

Modify the DHCP options so that clients use SEA7 for DNS lookups.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Your company’s Internet namespace is westsim.com, and your company’s internal namespace is
internal.westsim.com. Your network has two Windows Server 2012 R2 DNS servers: DNS1 and DNS2.
DNS1 is configured with a root zone and is authoritative for the internal.westsim.com domain. DNS2 is
authoritative for the westsim.com domain.
All client computers are members of the internal.westsim.com domain and are configured to use DNS1 as the primary DNS server.
Client computers on your internal network cannot resolve Internet DNS names. You verify that client
computers can resolve internal DNS names successfully. You also verify that the internal DNS server is
configured to forward all unresolvable DNS names to the company’s Internet DNS server. You must keep your
internal network as secure as possible while making sure that all client computers can resolve Internet DNS
names successfully.
What should you do?

On an Active Directory domain controller, perform an authoritative restore of the root hints data. Then
trigger the Update Server Data Files action on DNS1.
On DNS2, copy the Cache.dns file from the DNS\Backup folder to the DNS folder.
On DNS1, delete the . zone.
On DNS1, add root hints to Internet root DNS servers.

A

On DNS1, delete the . zone.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

You are the network administrator for a company that has just implemented Windows Server 2012 R2. To
provide Internet access for your corporate office, you have decided to use a firewall that provides NAT. On
the private network, you install and configure DNS on a Windows Server 2012 R2 server to provide name
resolution.
After you finish the configuration, you realize that no one is able to access the Internet, but they are able to
contact internal servers by their FQDN. A ping test using the IP address of Internet hosts is successful.
You decide to check the forwarders setting on the DNS server, but the option to configure forwarders is
grayed out.
What should you do?

Delete the root forward lookup zone on the internal DNS server.
Verify the NAT configuration on the firewall.
Configure the internal DNS server to use root hints instead of forward.
Create a reverse lookup zone on the internal DNS server.

A

Delete the root forward lookup zone on the internal DNS server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

You manage a network with a single location and a single domain, westsim.com. All client computers on the
private network are members of the westsim.com domain. The westsim.com zone is configured as a primary zone on the DNSl server.
You recently opened a branch office. The branch office is connected to the main office with a WAN link. All
client computers in the branch office are members of the westsim.com domain, and use the DNSl server in
the main office for name resolution.
In analyzing WAN link traffic, you notice a lot of traffic from DNS name resolution. You would like to reduce
the name resolution traffic across the WAN link. However, you do not want any replication traffic to cross the WAN link.
What should you do?

Configure a DNS server in the branch office with a secondary copy of the westsim.com zone. Configure
all client computers in the branch office to use the new DNS server.

Configure a DNS server in the branch office with a primary zone for the westsim.com zone. Configure all client computers in the branch office to use the new DNS server.

Configure a DNS server in the branch office without any zones. Configure all client computers in the
branch office to use the new DNS server.

In the main office, convert the westsim.com zone to an Active Directory-integrated zone. Install a domain controller that also runs DNS in the branch office. Configure all client computers in the branch office to use the new DNS server.

A

Configure a DNS server in the branch office without any zones. Configure all client computers in the branch office to use the new DNS server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

You are the network administrator for westsim.com. The network consists of two Active Directory domains
named westsim.com and sales.westsim.com. The DNS servers in the westsim.com domain are
authoritative for the westsim.com DNS domain. The DNS servers in the sales.westsim.com domain are
authoritative for the sales.westsim.com DNS domain. All the servers run Windows Server 2012 R2. All the
clients run Windows 7 or Windows 8.
The company plans to implement a new domain named private.westsim.com. You need to design the DNS
infrastructure to support the new domain. Your solution must meet the following requirements:

The DNS servers in private.westsim.com must be authoritative for the private.westsim.com DNS
domain.
All clients in the forest must be able to resolve private.westsim.com fully qualified domain names
(FQDNs).
DNS servers in the westsim.com and sales.westsim.com domains should not be authoritative for the
private.westsim.com domain and should not contain any records for nodes in the
private.westsim.com.

You install Active Directory, create the new domain, and verify that DNS is working within the
private.westsim.com domain.
What should you do next?

You should configure a conditional forwarder on one of the DNS servers in the sales.westsim.com
domain. Set the replication scope to All DNS servers in this domain..

You should configure an Active Directory Integrated stub zone for the private.westsim.com domain on one of the DNS servers in the sales.westsim.com domain. Set the replication scope to All DNS servers in this domain..

You should ensure that the private.westsim.com zone is Active Directory Integrated. Set the replication scope to All DNS servers in this forest..

On the DNS servers in westsim.com you should create a delegation for private.westsim.com and point the delegation to the DNS servers that are authoritative for private.westsim.com.

A

On the DNS servers in westsim.com you should create a delegation for private.westsim.com and point the delegation to the DNS servers that are authoritative for private.westsim.com.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Your network has a single domain named southsim.com. All client computers run Windows 7 or Windows 8.
DNS data for the domain is stored on the following servers:

DNSl holds the primary zone for southsim.com.
DNSZ and DNS3 hold secondary zones for southsim.com.
All three DNS servers are located on domain controllers. The DNS zone for the domain is configured to allow
dynamic updates.

You want to allow client computers to send DNS updates to any of the three servers, and allow any of the
three servers to update DNS records in the zone.
What should you do?

On the primary zone, change the settings to allow zone transfer to only the two secondary servers.
On all three servers, change the zone type of the DNS zone to Active Directory integrated.
On the primary zone, change the dynamic update option to allow only secure updates.
On the primary zone, change the settings so that the two secondary servers are notified when the zone is updated.

A

On all three servers, change the zone type of the DNS zone to Active Directory integrated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

You are the administrator for the Seattle office of WestSim Corporation. Zone information for the entire
westsim.com domain is stored in a primary zone on the portland.westsim.com server located in the
Portland office.
There is a T1 line between the Seattle and Portland offices, but the line is often saturated with heavy network
traffic, which makes name resolution for those in the Seattle office very slow.
What can you do to improve DNS performance for computers in the Seattle office?

On the portland.westsim.com computer, create a new zone called seattle.westsim.com. Make it a
primary zone, and configure it to use incremental updates.
Install a DNS server in the Seattle location. Configure it with an Active Directory integrated zone of the
westsim.com domain.
Install a DNS server in the Seattle location. Configure it with a secondary zone of the westsim.com
domain.
Install a DNS server in the Seattle location. Configure it with a primary zone of the westsim.com
domain.

A

Install a DNS server in the Seattle location. Configure it with a secondary zone of the westsim.com
domain.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

You are the administrator for the Creative Designs company. The network uses a single domain named
cdesign.com. A single domain controller (CDDC1) holds an Active Directory-integrated zone and provides
DNS services.
Recently, your company purchased a competitor company, Design Limited, Inc. Their network uses a single
domain named dlimitinc.com, with a single domain controller (DLIDC1) holding an Active Directory-
integrated zone.
Domains for each company are currently in different forests.
You connect the Creative Designs location to the Design Limited location with a T-1 line.
You want to enable hosts at the Creative Designs location to be able to resolve host names for hosts in the
dlimitinc.com zone. You need to minimize hardware costs while maximizing DNS performance.
How should you configure the CDDC1 server at the Creative Designs location to enable clients to resolve
names at Design Limited, Inc.?

Configure the IP address for DLIDC1 as a forwarder for CDDC1.
Create an Active Directory integrated zone of the dlimitinc.com zone on CDDC1.
Create a primary zone of the dlimitinc.com zone on CDDC1.
Create a secondary zone of the dlimitinc.com zone on CDDC1.

A

Create a secondary zone of the dlimitinc.com zone on CDDC1.

22
Q

You are a systems administrator for WestSim Corporation. As part of a new security initiative, the IT
department has developed a custom application that reports the host name of all clients that try to access
three sensitive servers in the Accounting department. The application has been working fine for the last three
months.
The company expands and adds a new building with a LAN connection to the rest of the network. This
building has its own subnet, 192.168.5.0. You create a scope on an existing DHCP server for this subnet.
During a random check of the reporting software, you discover that the application reports only the IP
address but not the host name for clients on the new subnet. Everything works as designed for hosts on other
subnets. You check the DNS database and find that none of the hosts on that subnet have an associated PTR
record.
What should you do?

Manually create CNAME records for each host on the subnet.
Create a secondary reverse lookup zone for subnet 192.168.5.0.
Add a HOSTS file to the server running the reporting software.
Manually create PTR records for each host on the subnet.
Create a primary reverse lookup zone for subnet 192.168.5.0.

A

Create a primary reverse lookup zone for subnet 192.168.5.0.

23
Q

You are setting up a new network in a single location with a single domain named eastsim.com. All servers
run Windows Server 2012 R2, and all clients run Windows 8.
You install a DHCP server and configure it with a scope for the single subnet. You install a DNS server with a
primary zone for the domain.
You want to use dynamic updates to update DNS records in the zone automatically.
What should you do?

Enable dynamic updates on all client computers.
Enable dynamic updates on the eastsim.com zone.
Convert the eastsim.com zone to an Active Directory integrated zone.
Configure the DHCP server to update DNS records for all clients.

A

Enable dynamic updates on the eastsim.com zone.

24
Q

You are the network manager for the westsim.private domain. The SRV1 server runs all file and print
services for the network. In the DNS database, it has an A record that maps srv1.westsim.private to the IP
address of 192.168.16.10.
You want to create a PTR record that maps the IP address to the hostname.
In which zone should you create the record?

westsim. private
192. 168.16.ip4.arpa
16. 168.192.in-addr.arpa
16. 168.192.ip4.arpa
192. 168.16.in-addr.arpa

A

16.168.192.in-addr.arpa

25
Q

Your company uses an Internet domain of westsim.com. Your network also has a single Active Directory
domain named westsim.local. You manage your network’s DNS servers for the westsim.com zone and the
westsim.local zone. All Domain Name Service (DNS) servers on your network run Windows Server 2012 R2.
Your company’s Asia division wants its own Internet namespace, and wants to manage its own DNS servers.
The division will use asia.westsim.com as its Internet domain name.
You want to minimize administrative effort and communication between the two divisions as the Asia division installs DNS servers. To support this goal, you need to make appropriate configurations on the DNS servers
that you manage.
What should you do?

Create an NS record in the westsim.com zone for each asia.westsim.com authoritative DNS server.
Integrate the asia.westsim.com zone into Active Directory.
Create and configure a stub zone named asia.westsim.com.
Add the first Asia division DNS server as a forwarder for the westsim.com zone.

A

Create and configure a stub zone named asia.westsim.com.

26
Q

You are the administrator of the corp.westsim.com domain. All servers in the domain run Windows Server
2012 R2, and all clients run Windows 7 or Windows 8. The domain has two subdomains:

acct. corp.westsim.com
sales. corp.westsim.com.

To improve name resolution, you set up DNS on the srv3.acct.corp.westsim.com server. You create a
secondary zone on that server pointing to the sales.corp.westsim.com zone.
One day, users complain that name resolution through the Srv3 server isn’t working correctly. You suspect
that the zone database is corrupt and want to do a zone transfer of all data from the master zone.
What should you do?

In the DNS console, right-click the zone and choose Transfer from Master.
At the command line, run Dnscmd /ZoneReload.
At the command line, run Dnscmd /ZoneRefresh.
In the DNS console, right-click the zone and choose Reload.
In the DNS console, right-click the zone and choose Reload from Master.

A

In the DNS console, right-click the zone and choose Reload from Master.

27
Q

You administer a network with a single domain. The network has ten Windows 2012 R2 servers and four UNIX
servers. All servers have been manually assigned a static IP address. DC1 and DC2 are domain controllers
that hold Active Directory integrated zones for the domain and provide DNS services for all hosts. DC3
provides DHCP services for network clients.
You decide to install a third DNS server to improve redundancy and performance for DNS queries. Because of
server workload issues, you decide to configure one of the UNIX servers as the DNS server.
You create a secondary zone on a UNIX server and configure it to receive zone information from DC1. Later
that day, you notice that the UNIX DNS server does not hold any DNS records.
What should you do?

On DC1, edit the zone properties to allow zone transfers.

Move the DNS service to a Windows 2000 server. Configure an Active Directory integrated zone.

Change the zone type for the zone on DC1 to primary.

Change the zone type on the UNIX server to primary.

A

On DC1, edit the zone properties to allow zone transfers.

28
Q

You are a network administrator for your company. Your company’s Internet namespace is westsim.com.
The private network has a single Active Directory domain named private.westsim.com.
Two Active Directory domain controllers run Windows Server 2012 R2 with the DNS Server role and have
Active Directory integrated zones for the private.westsim.com zone. A third DNS server located in a remote site runs BIND version 8 and stores a secondary copy of the private.westsim.com zone.
You want to prevent the possibility that a hacker inside your company network might capture DNS and IP
addressing information on your network by installing a rogue secondary DNS server and configuring it to
receive zone transfers from the primary private.westsim.com zone.
What should you do?

In the DNS console, disable the Allow zone transfers option for the private.westsim.com zone.
Configure the DNS server in the remote site to be a caching only DNS server.
In the DNS console, configure the private.westsim.com zone to accept only secure updates.
In the DNS console, configure the private.westsim.com zone to allow zone transfers only to the
remote BIND DNS server.

A

In the DNS console, configure the private.westsim.com zone to allow zone transfers only to the
remote BIND DNS server.

29
Q

You are a network engineer for a large private network. The network has a corporate headquarters site, six
regional sites, and dozens of branch sites per region. The network’s private namespace consists of a single
DNS domain that is a subdomain of a registered public DNS domain.
To provide DNS name resolution fault tolerance and performance, each site has its own DNS server. All DNS
servers run Windows Server 2012 R2. The DNS server in the corporate headquarters site is a primary DNS
server. All other DNS servers are secondary DNS servers for the private namespace.
The primary DNS server for the private network is overwhelmed with zone transfer requests. You must
redesign the network’s DNS structure to alleviate this problem.
What should you do?

Change all DNS servers in regional sites to be primary DNS servers.

Configure the DNS zone for the private network to be an Active Directory integrated zone.

Install another primary DNS server in the corporate headquarters site. Configure half the DNS servers to
receive zone transfers from the new primary DNS server.

Configure DNS servers in branch sites to receive zone transfers from a DNS server in a regional site.

A

Configure DNS servers in branch sites to receive zone transfers from a DNS server in a regional site.

30
Q

You company has offices in Denver, Atlanta, and Phoenix. All sites are connected using wide area network
(WAN) connections. All servers, including domain controllers, run Windows Server 2012 R2 and are domain
members.
The company’s research department is located in Phoenix and has its own Active Directory domain named
research.corp.westsim.com. All other departments are located in Denver or Atlanta, and are part of the
corp.westsim.com domain.
You are creating the DNS zones. All DNS servers are also domain controllers. You will use Active Directory
integrated zones for both zones.
As part of your security plan, you must prevent zone data from being transferred to rogue DNS servers that
might seek zone transfers from valid DNS servers. You must also prevent eavesdropping of any DNS data
replicated between DNS servers.
What should you do?

For both zones, disable the Allow zone transfers option.
Configure research.corp.westsim.com as a stub zone of corp.westsim.com.
Create an IPSec tunnel between any two DNS servers which host identical zones and participate in zone
transfers with each other.
Configure both zones to accept only secure dynamic updates.

A

For both zones, disable the Allow zone transfers option.

31
Q

You are the systems administrator for EastSim Corporation. Domain controllers at headquarters host Active
Directory integrated zones for the domain eastsim.com domain.
The company has recently purchased a small design company located in Tampa. The new company will
become a branch office connected to headquarters with a T-1 line. You have been sent to integrate the
branch office into the corporate network.
The existing network in Tampa is using a UNIX BIND-based DNS server. Rather than replace this server, you
decide to use it to provide name resolution for the branch office. You want all clients in the branch office to be
able to resolve hostnames for hosts in the eastsim.com domain. You want to minimize network traffic across
the WAN link and provide the fastest name resolution services possible.
What should you do?

Create a primary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers configured as a DNS server.

Configure the UNIX server as a caching-only server. Have it forward name requests to a DNS server at headquarters.
On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone.

Change the zone type for all other DNS servers to secondary zones. Create a secondary zone on the
UNIX DNS server. Have it replicate data from one of the DNS servers at headquarters.

Create a secondary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers configured as a DNS server.

On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone.
Change the zone type for all other DNS servers to secondary zones. Create a secondary zone on the
UNIX DNS server. Have it replicate data from one of the primary zone at headquarters.

A

Create a secondary zone on the UNIX DNS server. Have it replicate data from one of the domain
controllers configured as a DNS server.

32
Q

You are in the process of setting up a new network at a new location. The network uses a single domain
named eastsim.com. The DC1 server is a domain controller that also provides DNS services. It hosts a
primary zone for the eastsim.com zone.
The network has 150 hosts on three subnets, all of which receive IP addresses from a DHCP server. The
dhcpl server is configured with three scopes, one for each subnet.
Because some clients are not capable of dynamic DNS, you decide to configure the DHCP server to update
DNS for all clients. In the DHCP snap-in, you edit the properties of the DHCP server and select the
Automatically Update DHCP Client Information in DNS option.
Shortly after the server is up and running, you discover the DNS server is not receiving the automatic
updates.
What should you do?

In the DHCP snap-in, configure each scope to update client information in DNS.

In the DHCP snap-in, edit the DHCP server properties and select the Update DNS only if DHCP client requests option.

In the DHCP snap-in, edit the DHCP server properties and disable the Discard forward (name-to-address) lookups when the lease expires option.

In the DNS snap-in, enable dynamic DNS on the eastsim.com zone.

A

In the DNS snap-in, enable dynamic DNS on the eastsim.com zone.

33
Q

You administer the DNS and DHCP servers on your network. The network has just added a new subnet. The
subnet is represented as a new domain in DNS named acct.istp.private. The subnet uses address
192.168.16.0/24. All servers on the subnet run Windows 2012 R2 and all clients run Windows 7 or Windows
8. The new subnet will use existing DNS and DHCP servers on another subnet.
You need to configure DNS to support the new subnet. You configure a delegation to the new domain from its
parent, and create a primary zone for the new domain. You also create a primary reverse lookup zone for the
subnet address.
When you check the DNS database, you find that there are no A or PTR records for hosts on the subnet. At a
client computer, you run the Ipconfig /registerdns command. However, the corresponding DNS records
are still not created.
What should you do?

Configure the DHCP server to always update DNS records for clients.
Change the zone type for both new zones to Active Directory integrated.
Enable dynamic updates on acct.istp.private and the reverse lookup zone for the subnet.
Add the subnet address to the list of interfaces for the DNS server.

A

Enable dynamic updates on acct.istp.private and the reverse lookup zone for the subnet.

34
Q

Emma is a systems administrator for WestSim Corporation. The network has multiple domains with DNS and
DHCP services configured in each domain. All servers are running Windows Server 2012 R2 and all clients are
running Windows 8. All hosts are members of the acct.westsim.com domain, the records of which are
stored in a primary zone.
As part of a new security initiative, the IT department has developed a custom application that reports the
host name of each client that tries to access three sensitive servers in the Accounting department. Emma has
been asked to test the new application.
During a random test, she finds that the program is not reporting the host names for some clients, even
though it properly records their IP addresses. Emma realizes that the custom application submits reverse
lookup requests to the DNS server to discover the host name for the specified IP address. She also realizes
that the clients whose host names could not be notified have manually-configured static IP addresses on the
192.168.3.0 subnet, using a default subnet mask.
What should Emma do?

Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.
Manually create a CNAME record in the 3.168.192.in-addr.arpa zone for each host.
Manually create an A record in the 3.168.192.in-addr.arpa zone for each host.
Manually create a CNAME record in the acct.westsim.com zone for each host.
Manually create an A record in the acct.westsim.com zone for each host.
Manually create a PTR record in the acct.westsim.com zone for each host.

A

Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.

35
Q

Mary is in charge of DNS administration for her network. The private network consists of a single Active
Directory domain called private.westsim.com. DNS data is stored in a Active Directory-integrated zone.
The Sales department has just installed a Web server called SalesWeb. This server will host an intranet site
for use by the Sales team. They want this server to be accessible by using the URL sales.westsim.com.
What should Mary do?

In the private.westsim.com domain, create a PTR record that identifies sales.westsim.com as the alternate URL for the SalesWeb server.

Create a second A record in the private.westsim.com domain. Use sales as the name. Identify the IP address of SalesWeb in the resource record.

In the westsim.com domain, create a CNAME record called sales. Identify SalesWeb.private.westsim.com as the target.

Place HOSTS files on each workstation in the Sales department. Create an entry with the IP address for
SalesWeb that references the sales.westsim.com name.

A

In the westsim.com domain, create a CNAME record called sales. Identify SalesWeb.private.westsim.com as the target.

36
Q

You manage the intranet servers for EastSim Corporation. The company network has three domains:
eastsim.com, asiapac.eastsim.com, and emea.eastsim.com.
The main company Web site runs on the web1.eastsim.com server with a public IP address of
101.12.155.99. A host record for the server already exists in the eastsim.com zone.
You want Internet users to be able to use the URL http://www.eastsim.com to reach the Web site.
What type of DNS record should you create?

SRV
A
CNAME
NS
SOA
PTR
A

CNAME

37
Q

You manage the intranet servers for EastSim Corporation. The company network has three domains:
eastsim.com, asiapac.eastsim.com, and emea.eastsim.com.
The main company Web site runs on the web1.eastsim.com server with a public IP address of
101.12.155.99. A host record for the server already exists in the eastsim.com zone.
You want Internet users to be able to use the URL http://eastsim.com to reach the Web site.
What should you do?

In the eastsim.com domain, create an SRV record for the _http protocol pointing to server web1.eastsim.com.
In the eastsim.com domain, create a CNAME record with a blank name pointing to server web1.eastsim.com.
In the eastsim.com domain, add an NS record for the web1.eastsim.com server.
In the eastsim.com domain, edit the SOA record and enter web1.eastsim.com as the primary server.
In the eastsim.com domain, create a DNAME record pointing to server web1.eastsim.com.

A

In the eastsim.com domain, create a CNAME record with a blank name pointing to server web1.eastsim.com.

38
Q

You are the network manager for the westsim.private domain. You are in the process of transitioning from
IPv4 to IPv6 on your internal network.
You want to configure DNS to provide hostname-to-IPV6 address and IPv6 address-to-hostname resolution
for a specific IPv6-only host.
Which record types would you create? (Select two.)

A
PTR
CNAME
AAAA
SRV
NS
A

PTR

AAAA

39
Q

You manage the intranet servers for EastSim Corporation. The company network has three domains:
eastsim.com, asiapac.eastsim.com, and emea.eastsim.com.
You create a primary zone for the eastsim.com domain on the n51.eastsim.com server. Two additional
servers, nsZ.eastsim.com and n53.eastsim.com hold secondary copies of the zone.
One day the n53 server fails. While it is offline, you want to remove server ns3 as an authoritative server for
the zone.
What should you do?

Delete the PTR record for server n53.
Delete the A record for server n53.
Delete the SOA record for the zone.
Delete the NS record for server n53.

A

Delete the NS record for server n53.

40
Q

You are the manager for the westsim.com domain. All computers are members of the westsim.com
domain. A single Windows Server 2012 R2 server is the domain controller and DNS server for the domain.
You have recently installed a new server, srv12, with IP address 192.168.3.199/24. You need to manually
create a record in the DNS database that provides IP address-to-hostname resolution.
Which command would you use?

dnscmd /recordadd westsim.com 192.168.3.199 A srv12

dnscmd /recordadd 3.168.192.in-addr.arpa 199 PTR srv12.westsim.com

dnscmd /recordadd westsim.com srv12 A 192.168.3.199

dnscmd /recordadd 192.168.3.in-addr.arpa 199 PTR srv12.westsim.com

A

dnscmd /recordadd 3.168.192.in-addr.arpa 199 PTR srv12.westsim.com

41
Q

You need to create a DNS record that identifies a service, protocol, and port number.
Which record type would you create?

SRV
A
CNAME
PTR
MX
A

SRV

42
Q

You are the network administrator for northsim.com. The network consists of a single Active Directory
domain. There is one main office in the company located in one building. All the servers run Windows Server
2012 R2. All the clients run Windows 7 or Windows 8. A server named DC1 hosts the PDC Emulator flexible
single master operations (FSMO) role. There are three other domain controllers named DC2, DC3 and DC4.
Users complain that it sometimes takes several minutes to be authenticated to the domain. You determine
that this occurs when users are authenticated by DC1. You need to permanently reduce the number of
authentication requests being serviced by DC1 in order to improve authentication performance in the domain.
DC1 must still remain able to authenticate users if necessary.
What should you do?

Delete the DNS SRV records relating to DC1 from the _msdcs.northsim.com domain.
Change the weight for the DNS SRV record for DC1 to a weight greater than 100.
Change the weight for the DNS SRV record for DC1 to a weight less than 100.
Disable the netlogon service on DC1.

A

Change the weight for the DNS SRV record for DC1 to a weight less than 100.

43
Q

You are the network administrator for westsim.com. The network consists of a single Active Directory
domain. All the servers run Windows Server 2012 R2. All the clients run Windows 7 or Windows 8. There is
one main office and several branch offices, one of which is located in New York. The main office has four
domain controllers and each branch office has two domain controllers. The domain controllers in the New York
branch office are named NYDC1 ancl NYDC2.
Users in the New York office complain that after maintenance was performed on NYDC2, it now takes a
considerably longer time to log on to the network. You determine that the problem is that NYDC1 is servicing
all the logon requests. No logon requests are being serviced by NYDC2. You further discover that the IP
address entered in the NYDC2 network interface for DNS is incorrect. Investigation of the
msdcs.westsim.com zone reveals that there are no SRV records present relating to NYDC2. You enter the
correct IP address for DNS in the network interface on NYDC2. You need to make sure that the appropriate
SRV records identifying NYDC2 as a domain controller are registered in DNS in the minimum amount of time.
What should you do?

You should run the Dnscmd [exportsettings command on NYDC2.
You should restart the netlogon service on NYDC2.
You should run the Ipconfig [registerdns command on NYDC2.
Reboot the server NYDC2.

A

You should restart the netlogon service on NYDC2.

44
Q

Your company has started the transition to IPv6.
You need to configure records on the DNS server so that clients can submit an IPv6 address and receive back
the host name for that computer.
What should you do?

Create NS records
Create PTR records
Create AAAA records
Create PTR6 records
Create A records
A

Create PTR records

45
Q

You are the network administrator for a single domain with three subnets.
Two subnets have all Windows 8 computers. The conference room uses the third subnet. Traveling salesmen
come to the conference room and plug in their laptops to gain network access.
You have configured a DHCP server to deliver configuration information to hosts on this subnet. DNS is
configured for dynamic updates.
Over time, you notice that the size of the DNS database continues to grow. It is beginning to have an adverse
effect on DNS server performance.
What should you do?

Enable scavenging of stale resource records on the zone.
Decrease the ‘l’l’L for the SOA record.
Clear the DNS cache on the server.
Compact the DNS zone file.

A

Enable scavenging of stale resource records on the zone.

46
Q

You are the DNS manager for the eastsim.com domain.
You have set up a Web site for your intranet that holds company information for use by the employees.
Employees access the Web site using the URL: intraweb.eastsim.com.
Because of the large number of employees, you decide to configure three different Web servers that will hold
the intranet content. When users enter the URL in their browsers, you want the DNS server to respond with
the IP address of one of the three servers. The DNS server should evenly use each of the three Web server
addresses.
What should you do? (Select two. Each choice is a required part of the solution.)

On the DNS server, enable DNS round robin.
Configure three different host (A) records for intraweb.eastsim.com, with each pointing to a different
server.
Configure a single host (A) record for intraweb.eastsim.com.
Configure each Web server with the same IP address.

A

On the DNS server, enable DNS round robin.

Configure three different host (A) records for intraweb.eastsim.com, with each pointing to a different
server.

47
Q

You are the network administrator for eastsim.com. The network consists of a single Active Directory
domain. All of the servers run Windows Server 2012 R2. All of the clients run Windows 7 or Windows 8. There
are two main sites: one in New York and one in Los Angeles. All of the computers in the New York site are
configured with IP addresses in the 10.0.0.0/24 subnet. All of the computers in the Los Angeles site are
configured with IP addresses in the 172.16.0.0/24 subnet.
There is an application server located in New York named APP1 with an IP address of 10.0.0.10. There is a
replica application server located in Los Angeles also named APP2 with an IP address of 172.16.0.10. Users
must access the application using a URL of Http://customapp.eastsim.com. You create two CNAME records for
customapp.eastsim.com that link to each of the two application servers. You need to ensure that users in
each office will be referred to the local server when accessing the applications using this URL.
What should you do?

Enable the Disable Recursion option on the DNS server.
Enable the BIND Secondaries option on the DNS server.
Enable the Netmask Ordering option on the DNS server.
Enable the Round Robin option on the DNS server.

A

Enable the Netmask Ordering option on the DNS server.

48
Q

This question includes an image that provides information to help you answer the question. The image shows the current scavenging settings for the eastsim.com domain. As you check records in the zone, you find several records that have not been updated for 16 days or longer. You need to make sure that records are automatically removed if they have not been updated in the last 14 days.
What should you do?

Enable automatic scavenging on the zone.
Decrease the no-refresh interval setting.
Decrease the refresh interval setting.
Increase the refresh interval setting.

A

Enable automatic scavenging on the zone.

49
Q

The image shows the current scavenging settings for the eastsim.com domain. Host (A) records within the
zone are configured to refresh themselves every 7 days.
You notice that sometimes a host record will be removed from the database, even though the host still exists
on the network. You need to make sure that records are only removed when the host no longer exists.
What should you do?

Decrease the refresh interval setting.
Increase the refresh interval setting.
Increase the no-refresh interval setting.
Decrease the no-refresh interval setting.

A

Increase the refresh interval setting.

50
Q

You are the DNS manager for the eastsim.com domain. You have a domain controller named DC1 that holds
an Active Directory-integrated zone for the eastsim.com zone.
Users have complained about multiple DNS name resolution errors. You have examined the configuration, but
can’t see anything wrong.
To help identify the problem, you would like to track the DNS packets sent and received by the server, as well
as filter by IP address.
What should you do?

On the DNS server, enable automatic scavenging
On the DNS server, enable debug logging.
On the DNS server, enable event logging.
On the DNS server, configure the server for multibyte (UTF8) name checking.

A

On the DNS server, enable debug logging.

51
Q

You are the network administrator for westsim.com. The network consists of a single Active Directory
domain. All the servers run Windows Server 2012. All the clients run Windows 7 or Windows 8.
westsim.com has one main office with a single subnet. There are two application servers located in the main
office that host a custom web application named APP1 and APP2.
You have been instructed to ensure that APP1 and APP2 each service about half of the clients who need
access to the custom web application using the minimum amount of administrative effort. You create two
CNAME records linking the customapp.westsim.com Fully Qualified Domain Name (FQDN) to each of the
servers.
What should you do next?

Enable Netmask Ordering on the DNS server.
Enable BIND Secondaries on the server.
Create an entry in the hosts file on each client for customapp.westsim.com. Use the IP address for APP1 on half of the computers and the IP address for APP2 on the other half.
Enable Round Robin on the DNS server.

A

Enable Round Robin on the DNS server.

52
Q

You manage a network with two locations: the main office is in Phoenix, and a branch office is in Tulsa.
Srv1 is a DNS server in Phoenix, and holds the primary zone for the eastsim.local zone. To improve name
resolution requests in the branch office, you place a secondary copy of the zone on Srv5 in the Tulsa location.
Due to recent expansion, you are adding more servers to the Phoenix location. For each server, you manually
create the A and PTR records. You find that after you add the server, computers in the Tulsa location are
unable to contact the new servers for up to 10 minutes. You want to decrease the amount of time for
changes to the zone to be transferred to the server in Tulsa.
What should you do?

Decrease the no-refresh interval in the zone properties.
Decrease the refresh interval in the SOA record for the zone.
Increase the expires after setting in the SOA record for the zone.
Increment the zone serial number on Srv1 each time you make a change.

A

Decrease the refresh interval in the SOA record for the zone.

Windows Server (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions