DNS

Question 1

What is NetBios

Answer 1

A windows proprietary name resolving service for LANS.

Question 2

How does NetBios work

Answer 2

NetBios has the computer broadcast its information onto the network upon booting. Other NetBios enabled PCs will hear and store this information.

Question 3

What are two downsides to NetBios

Answer 3

• It doesn’t support IP

- It’s not suitable in large networks due to the broadcast spamming

Question 4

What is NetBT

Answer 4

Netbios over TCPIP

Question 5

How would NetBT handle LAN and WAN requests for name resolution?

Answer 5

NetBios for LAN, DNS for WAN

Question 6

What are the ports for NetBios

Answer 6

137, 138, 139

Question 7

What purpose did SMB serve in NetBT. What was its port number?

Answer 7

It was the protocol for file and print sharing on 445

Question 8

True or false: NetBT, due to using NetBios for LAN and DNS for Wan, required you to have a local name for your LAN and a routable DNS for WAN

Answer 8

True

Question 9

What is a DNS resolver

Answer 9

Something that’s main focus is resolving FQDNs to IPs.

Question 10

What is a Name server

Answer 10

A server that holds the IP addressing for FQDNs

Question 11

How should we visualise DNS Zones

Answer 11

As boxes with sticky notes inside for each of the unique A-records. It is a container for a domain’s records.

Question 12

What is an A-record

Answer 12

A single, FQDN to IP resolution. These reside on authoratative servers.

Question 13

What is an authoratative server

Answer 13

The server that physically and logically holds the FQDN for what you’re looking for.

Question 14

What is the type of DNS server below the root on the DNS heirarchy?

Answer 14

Top level domain

Question 15

What is a three step simplified DNS heirarchy?

Answer 15

Root > Top level domain > Authoritative servers

Question 16

What is the naming convention for DNS servers?

Answer 16

The rightmost part being the root. For example
classroom.MartinHigh.Local
or
www.totalsem.com

Question 17

What is a Zone transfer?

Answer 17

This explains how a primary DNS server shares its updated tables with secondary DNS servers that mirror its DNS Zones and records.
It does this by advancing a serial value. Secondary servers regularly look at this value and, if they see it’s different to their own, will request an update from the primary server.

Question 18

What is forward lookup

Answer 18

FQDN > IP

Question 19

What is reverse lookup

Answer 19

IP > FQDN

Question 20

What is the DNS process. From CPU to IP delivery to the CPU.

Answer 20

CPU checks local resolver cacheand HOSTS file for FQDN’s IP. If it’s not there, move on to…
CPU requests IP from the client’s DNS server. If it’s not there, move on to…
Client DNS requesting the IP from a root server. If it’s not there, move on to…
Root gives client DNS an address to the TLD responsible for the address and asks there. If it’s not there, move on to…
TLD will know the authoratative server, and provides the IP of that server. The client DNS will go here, get the IP and send it back to the CPU.

Question 21

What is a AAAA record

Answer 21

An IPv6 FQDN record

Question 22

How do you display your dns information in windows cmd

Answer 22

ipconfig /displaydns

Question 23

What is DNS caching

Answer 23

This is when a DNS server stores (or caches) the data it retrieves so it doesn’t need to go out on the internet to find commonly used DNS queries constantly.

Question 24

What is TTL in relation to DNS caching?

Answer 24

How long something is stored in a cache.

Question 25

Label all of these parts from a SRV record:

_sip._tcp.example.com. 86400 IN SRV 0 5 5060 sipserver.example.com.

Answer 25

service: the symbolic name of the desired service. (_sip.)
proto: the transport protocol of the desired service; this is usually either TCP or UDP. (_tcp.)
name of site: the domain name for which this record is valid, ending in a dot. This is the name of the domain you’re trying to reach? ( example.com.)
ttl: standard DNS time to live field. (86400)
IN: standard DNS class field (this is always IN).
SRV: Type of Record (this is always SRV).
priority: the priority of the target host, lower value means more preferred. This is used to decide which server has priority in answering the query. (0)
weight: A relative weight for records with the same priority, higher value means higher chance of getting picked. (5)
port: the TCP or UDP port on which the service is to be found. (5060)
server target: the canonical hostname of the machine providing the service, ending in a dot. (sipserver.example.com.)

Question 26

What is the point of an SRV record

Answer 26

Whereas MX records only provide information for email services, SRV is a flexible record in that it can be used to resolve numerous kinds of services. For example, one SRV record could be for LDAP and the other could be for VoIP. In the end, it still resolves things. Usually host names to ports instead of IPs, but it’s slightly different.

Question 27

what is an mx record

Answer 27

A record holding mail exchange information.
It will find an authoratative server like any other DNS query, but instead of requesting an A or AAAA record it will ask for an MX one for the specified domain.

Question 28

What is a CNAME

Answer 28

Canonical name is simply an alias for a FQDN

Question 29

What is a PTR record

Answer 29

One found only in reverse lookup zones. This is a pointer record. (FQDN > IP

Question 30

You look at a DNS server and see one of the file type set to SOA. What is this?

Answer 30

State of authority

The primary name server in charge of a specific zone

Question 31

You look at a DNS server and see one of the file type set to NS. What is this?

Answer 31

All of the name servers and their IPs within the domain.

Question 32

For SRV records, what is the difference between priority and weight

Answer 32

Priority prioritizes specific servers over others. This means they will be the priority in answering incoming queries over others.
Weight prioritizes what types of data are answered to first. For example, voip may be a priority and is answered before kerberos queries.

Question 33

What does ipconfig /registerdns do

Answer 33

updates your dns records from your active directory base.

Question 34

What does netstat -s do

Answer 34

Shows TCP/IP information such as packets received and sent

Question 35

How can nslookup -s be used to troubleshoot a network issue?

Answer 35

If you can see packets are sent but none received or vice versa it’s very likely that you have a break in the cable.

Question 36

Other computers on a network resolve names just fine, but yours can never find the server unless you type in an IP address. What cmd could you try here?

Answer 36

ipconfig /flushdns

Question 37

Using ping, how can you check if your DNS is borked?

Answer 37

If you can ping an address successfully but not a FQDN, something DNS related is deaded.