Network Services Flashcards
What does DNS use to partition the domain landscape?
Zone files
Zone files contain what? Give an example.
Resource records like A records and MX records.
What is the IPv6 equivalent of A-resource records?
AAAA record
What do TXT records allow?
To add arbitrary information relating to the DNS in text form and for this to be queried. An example would be showing proof of ownership for a domain name by way of adding the name of the business or person and their address details to the TXT record.
How does a Sender Policy Framework record work?
It tells the internet which email servers a domain uses to send mail. When mail is received at another domain, it will check the SPF record and compare the sending email servers; if they don’t match, the mail will be rejected.
What is DKIM and what does it enable?
DomainKeys Identified Mail. Similar to SPF, it allows for authentication of email messages, but it uses a cryptographic key stored in the TXT record.
What are SRV records used for?
Service (SRV) locator records are used for locating services such as LDAP or SIP
What type of DNS record assists mail servers in identifying the mail server for your domain?
MX record
*if you want to receive mail from other domains, you need this record set
What must you publish if you want to receive mail from other mail servers?
an MX record
If you wanted a host to have more than one FQDN, how would you accomplish this?
By using a CNAME record to specify the alternative FQDN name and map it to the FQDN in the A record
What type of record maps an IP to an FQDN?
PTR (Pointer Records)
*this is known as a reverse lookup
Which type of DNS record contains all the servers responsible for a particular zone file?
NS record (Name Server). note - you can't perform a zone transfer without them
What does the SOA record do?
The Start Of Authority record defines parameters in the zone file such as the primary DNS server, the TTL and the refresh intervals used to update secondary DNS servers
What is the split-brain DNS model?
Whereby DNS is split so that one DNS handles internet/public host resolution and another is based internally to manage private host name resolution.
What is the risk of using a public DNS to resolve hosts on a private network?
If the same DNS was used to resolve both external and internal, a hacker would be able to find out internal names easily.
When might you use cloud-hosted DNS?
If the number of records/maintenance of your external DNS is large.
What is the job of the primary DNS server?
To host a domain’s zone file (editable copy)
How can external DNS traffic be cut down?
By using a forwarding/DNS caching server to save results
What is MAC reservation?
A feature of DHCP whereby a MAC address can be assigned the same IP address each time it requests an IP from the DHCP server
Besides IP address and subnet mask, what are the most important DHCP options?
1) Router option (default gateway)
2) DNS Server IP address
3) DNS suffix
What type of packet is used to renew a DHCP lease? At what point during the lease cycle is this done?
DHCP Request packet
It is sent when 50% of the lease cycle duration has passed
How can you get a DHCP server to respond to DHCP Discover broadcast packets from hosts on different subnets?
By enabling IP HELPER on a router to forward them directly to the DHCP server.
Or using DHCP Relay server to forward them if the router doesn’t support IP helper.
What uses stratums? What are they?
NTP uses stratums. A stratum represents a level in a hierarchy of precision clocks. Stratum 0 is the highest and is generally an atomic clock. Stratum 1 is a host system that derives its clock from stratum 0 and so on.
What can happen to system time across virtual machines and how can this problem be remedied?
The system clocks can drift out of sync. NTP can be used to prevent this.
What service allows an admin to keep track of and manage IP addresses?
IP Address Management
*IPAM allows centralized management of DHCP and DNS
If a DHCP server doesn’t respond to a DHCP Request, at what point in the lease cycle duration will the host try contacting ALL LISTENING SERVERS BEFORE GIVING UP THE ADDRESS?
at 7/8 of the lease period.
List the steps in the DORA process
1) DISCOVER - client requests DHCP Discover message (broadcast)
2) OFFER - DHCP responds with a DHCP Offer message (unicast)
3) REQUEST - client sends DHCP Request message to server (broadcast)
4) ACKNOWLEDGE - server responds with DHCP Acknowledge (unicast)
What do DHCP, BOOTP and RARP have in common?
They can all allocate IP addresses
- for RARP, a computer sends a request to a RARP server requesting its IP address.
- *DHCP/BOOTP has largely replaced RARP
What can DHCP do that BOOTP can’t?
Allocate IP addresses DYNAMICALLY (as opposed to AUTOMATICALLY, which both can do)
Where would you place your external DNS server?
In the DMZ
Dynamic DNS, along with DHCP, allows hosts to automatically update which two DNS resource records?
the A record and PTR record
Active Directory integrated zones protect what?
It adds protection when the host updates the A and PTR records so that only the host can modify or delete them
List the steps in a typical DNS recursive query
1) The resolver (service running on the host/client) will check the DNS cache first
2) If the answer isn’t in the DNS cache, the resolver points the request to the configured DNS server
3) If the internal DNS server cannot resolve the answer, it will forward the request to the ISP DNS servers (If the internal DNS server cannot resolve the answer, it may query the external DNS servers directly)
4) If the ISP DNS servers are unable to resolve the query they will query the Internet DNS servers
What’s the difference between a recursive DNS query and an iterative one?
1) In a recursive query, the DNS server does the entire job of fetching an answer for your query
2) In an iterative one, it will refer the host to servers that may have the answer