Network Services

Question 1

What does DNS use to partition the domain landscape?

Answer 1

Zone files

Question 2

Zone files contain what? Give example

Answer 2

Resource records like A records and MX records.

Question 3

What is the IPv6 equivalent of A-resource records?

Answer 3

AAAA record

Question 4

What do TXT records allow?

Answer 4

To add arbitrary information relating to the DNS in text form and for this to be queries. An example would be showing proof of ownership for a domain name by way of adding the name of the business or person and their address details to the TXT record.

Question 5

How does Sender Policy Framework record work

Answer 5

It tells the internet which email servers a domain uses to send mail. When mail is received at another domain, it will check the SPF record and compare the sending email servers, if they don’t match the mail will be rejected.

Question 6

What is DKIM and what does it enable?

Answer 6

Domain Key’s Identified Mail. Similar to SPF, it allows for authentication of email messages but it uses a cryptographic key stored in the TXT record.

Question 7

What are SRV records used for?

Answer 7

Service (SRV) locator records are used for locating services such as LDAP or SIP

Question 8

What type of DNS record assists mail servers in identifying the mail server for your domain?

Answer 8

MX record

*if you want to receive mail from other domains, you need this record set

Question 9

What must you publish if you want to receive mail from other mail servers?

Answer 9

an MX record

Question 10

If you wanted a host to have more than one FQDN, how would you accomplish this?

Answer 10

By using a CNAME record to specify the alternative FQDN name and map it to the FQDN in the A record

Question 11

What type of record maps an IP to an FQDN?

Answer 11

PTR (Pointer Records)

*this is known as a reverse lookup

Question 12

Which type of DNS record contains all the servers responsible for a particular zone file?

Answer 12

NS record (Name Server).
note - you can't perform a zone transfer without them

Question 13

what does the SOA record do?

Answer 13

The Start Of Authority record defines parameters in the zone file like what is the primary DNS server, the TTL and refresh intervals to update secondary DNS servers

Question 14

What is the split-brain DNS model?

Answer 14

Whereby DNS is split so that one DNS handles internet/public host resolution and another is based internally to manage private host name resolution.

Question 15

What is the risk of using a public DNS to resolve hosts on a private network?

Answer 15

If the same DNS was used to resolve both external and internal, a hacker would be able to find out internal names easily.

Question 16

When might you use cloud-hosted DNS?

Answer 16

If the number of records/maintenance of your external DNS is large.

Question 17

What is the job of the primary DNS server?

Answer 17

To host a domain’s zone file (editable copy)

Question 18

How can external DNS traffic be cut down?

Answer 18

By using a forwarding/DNS caching server to save results

Question 19

What is MAC reservation

Answer 19

a feature of DHCP whereby a MAC address can be assigned the same IP address each time it requests an IP from the DHCP

Question 20

Besides IP address and subnet mask, what are the most important DHCP options?

Answer 20

1) Router option (default gateway)
2) DNS Server IP address
3) DNS suffix

Question 21

What type of packet is used to renew a DHCP lease? At what point during the lease cycle is this done?

Answer 21

DHCP Request packet

It is sent when 50% of the lease cycle duration has passed

Question 22

How can you get a DHCP server to respond to DHCP Discover broadcast packets from hosts on different subnets?

Answer 22

By enabling IP HELPER on a router router to forward them directly to the DHCP server.
Or using DHCP Relay server to forward them if the router doesn’t support IP helper.

Question 23

What uses stratums? What are they?

Answer 23

NTP uses stratums. A stratum represents a level in a hierarchy of precision clocks. stratum 0 is the highest and is generally an atomic clock. Stratum 1 is a host system that derives it’s clock from stratum 0 and so on.

Question 24

What can happen to system time across virtual machines and how can this problem be rememdied?

Answer 24

The system clocks can drift out of synch. NTP can be used to prevent this.

Question 25

What service allows an admin to keep track of and manage IP addresses?

Answer 25

IP Address Management

*IPAM allows centralized management of DHCP and DNS

Question 26

If aDHCP server doesn’t respond to a DHCP Request, at what point in the lease cycle duration will the host try contacting ALL LISTENING SERVERS BEFORE GIVING UP THE ADDRESS?

Answer 26

at 7/8 of the lease period.

Question 27

List the steps in the DORA process

Answer 27

1) DISCOVER - client requests DHCP Discover message (broadcast)
2) OFFER - DHCP responds with a DHCP Offer message (unicast)
3) REQUEST - client sends DHCP Request message to server (broadcast)
4) ACKNOWLEDGE - server responds with DHCP Acknowledge (unicast)

Question 28

What do DHCP, BOOTP and RARP have in common?

Answer 28

They can all allocate IP addresses

• for RARP, a computer sends a request to a RARP server requesting it’s IP address.
• *DHCP/BOOTP has largely replaced RARP

Question 29

What can DHCP do that BOOTP can’t?

Answer 29

Allocate IP addresses DYNAMICALLY (as opposed to AUTOMATICALLY, which both can do)

Question 30

Where would you place your external DNS server?

Answer 30

In the DMZ

Question 31

Dynamic DNS, along with DHCP, allows hosts to automatically update which two DNS resource records?

Answer 31

the A record and PTR record

Question 32

Active Directory integrated zones protect what?

Answer 32

It adds protection when the host updates the A and PTR records so that only the host can modify or delete them

Question 33

List the steps in a typical DNS recursive query

Answer 33

1) The resolver (service running on the host/client) will check the DNS cache first
2) If the answer isn’t in the DNS cache, the resolver points the request to the configured DNS server
4) if the internal DNS server cannot resolve the answer, it will forward the request to the ISP DNS servers (If the internal DNS server cannot resolve the answer, it may query the external DNS servers directly)
4) If the ISP DNS servers are unable to resolve the query they will query the Internet DNS servers

Question 34

what’s the difference between a recursive DNS query and an iterative one?

Answer 34

1) in a recursive query the DNS server does the entire job of fetching an answer for your query
2) in an iterative one, it will refer the host to servers where it may have the answer