SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MCTS: Configuring A DNS Zone Infrastructure
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The ______ option stores the new zone in the Domain-DnsZones partition. Every DC in the local domain and on which the DNS Server role is installed will receive a copy of the zone.
digitally sign
request DNSSEC validation for specific queries
To All DNS Servers In This Domain
14
2. You must be a member of the ______ group to create an application directory partition.
Netlogon
%systemroot%System32Dns
Enterprise Admins
public key
3. What is the name of the record that contains a hash of the public key in a delegated subdomain?
standard
A DS record
Win Srvr 2008 and Win Srvr 2008 R2
Transfer New Copy Of Zone From Master
4. This operation reloads the secondary zone from the local storage.
Reload
aging
Scavenging
Standard zones
5. To create a custom application directory partition - type the following command:
NS record and an associated A record
request DNSSEC validation for specific queries
public key
dnscmd servername /createdirectorypartition FQDN
6. The ______ option stores the zone in the user-created application directory partition specified in the associated drop-down list box.
To All Domain Controllers Specified In The Scope Of This Directory Partition
masters
priority of dc2.lucernepublishing.com.
A DS record
7. Public key cryptography provides ______ - which means that separate keys are used to encrypt and decrypt data.
DomainDnsZones
Trust anchors
GlobalNames zone
asymmetric encryption
8. When you create a new zone - two types of records required for the zone are automatically created. List them.
NRPT
1. Start of Authority (SOA) record that defines basic properties for the zone. 2. NS record signifying the name of the server or servers authoritative for the zone.
notification
GlobalNames zone
9. TTL values are not relevant for resource records within their authoritative zones. Instead - the TTL refers to ______ in nonauthoritative servers. A DNS server that has cached a resource record from a previous query discards the record when that reco
the cache life of a resource record
public key
To All Domain Controllers In This Domain
1. Start of Authority (SOA) record that defines basic properties for the zone. 2. NS record signifying the name of the server or servers authoritative for the zone.
10. Scavenging can occur only when ______ is enabled.
Expires After
manually enlist
DNS server
aging
11. Consequently - when aging is enabled - dynamically registered resource records can be scavenged after ___ days by default.
DNS zone
14
accepted
Win Srvr 2008 and Win Srvr 2008 R2
12. To add an NS record - double-click any existing NS record in DNS Manager and add the server data to the ______ tab.
Name Servers
A DS record
Host (A or AAAA) - Alias (CNAME) - Mail exchanger (MX) - Pointer (PTR) - Service location (SRV)
Service location (SRV)
13. DNS delegations are automatically used to separate ______ in a single forest.
DNS server
NRPT
Aging
parent and child AD DS domains
14. By default - DCs include two application directory partitions reserved for DNS data: ______.
Netlogon
1. DomainDnsZones and - 2. ForestDnsZones
Reload
Host (A or AAAA) - Alias (CNAME) - Mail exchanger (MX) - Pointer (PTR) - Service location (SRV)
15. The ______ partition is replicated among all DCs that are also DNS servers in a particular domain
Expires After
DomainDnsZones
A DS record
dnscmd servername /enlistdirectorypartition FQDN
16. The ______ allows you to specify the DNS query suffixes - prefixes - FQDNs - or reverse lookup subnets for which a Win 7 or Win Server 2008 R2 client will request DNSSEC.
parent and child AD DS domains
14
GlobalNames zone
NRPT
17. DNSSEC enables a DNS server to ______ the resource records in its zones.
To All Domain Controllers In This Domain
Scavenging
public key
digitally sign
18. Any of three events can ________________: When the refresh interval of the primary zone's SOA resource record expires - When a server hosting a secondary zone boots up - When a change occurs in the configuration of the primary zone and this primary
Enterprise Admins
1. Start of Authority (SOA) record that defines basic properties for the zone. 2. NS record signifying the name of the server or servers authoritative for the zone.
server level and at the zone level
trigger zone transfers on secondary zones
19. During this operation - the server hosting the local secondary zone determines whether the serial number in the secondary zone's SOA resource record has expired and then pulls a zone transfer from the master server.
Retry Interval
standard
notification
Transfer From Master
20. What does the 10 refer to in the following example: _ldap._tcp SRV 0 0 389 dc1.lucernepublishing.com.SRV 10 0 389 dc2.lucernepublishing.com.
partition
Minimum (Default) TTL
Retry Interval
priority of dc2.lucernepublishing.com.
21. The ______ partition is replicated among all DCs that are also DNS servers in every domain in an AD forest.
ForestDnsZones
accepted
use more than one name to point to
Refresh Interval
22. What are the server requirements for storing a zone in AD?
To All Domain Controllers In This Domain
dnscmd servername /enlistdirectorypartition FQDN
The DNS server needs to be a domain controller.
AD Zone Replication Scope page
23. Win 7 clients can be configured to request DNSSEC through the Name Resolution Policy Table (NRPT) in ______.
Group Policy
delegate
To All Domain Controllers In This Domain
Enterprise Admins
24. To enable aging for a particular zone - you have to enable this feature both at the ______ level.
Secondary
server level and at the zone level
disabled
the cache life of a resource record
25. A secondary zone will not be recognized as a valid name server until it contains a valid copy of zone data. For the secondary zone to obtain this data - you must first ______ to that server.
decreases
ForestDnsZones
enable zone transfers
dnscmd servername /createdirectorypartition FQDN
26. When you create a new zone - two types of records required for the zone are automatically created: ______
trigger zone transfers on secondary zones
ForestDnsZones
1. A SOA record 2. At least one NS record.
the cache life of a resource record
27. For a delegation to be implemented - the parent zone must contain a _____ and an _____ (called a glue record) pointing to each authoritative server of the delegated domain.
request DNSSEC validation for specific queries
NS record and an associated A record
To All Domain Controllers In This Domain
delegate
28. The ___________________ dialog box enables you to modify two key settings related to aging and scavenging: 1. the no-refresh interval 2. and the refresh interval
trust anchor
The Zone Aging/Scavenging Properties
request DNSSEC validation for specific queries
Netlogon
29. When you do not store a zone in AD - the zone is called a ______ zone - and zone data is stored in text files on the DNS server.
Transfer New Copy Of Zone From Master
CNAME resource records
To All Domain Controllers Specified In The Scope Of This Directory Partition
standard
30. A ______ zone is similar to a secondary zone - but it contains only those resource records necessary to identify the authoritative DNS servers for the master zone.
enable zone transfers
14
masters
stub
31. ______ zones provide a means to offload DNS query traffic in areas of the network where a zone is heavily queried and used.
Create Default Application Directory Partitions
decreases
Secondary
dnscmd /ZoneExport <zone name> <zone file name>
32. ______ in DNS refers to the process of using time stamps to track the age of dynamically registered resource records.
digitally sign
1. Start of Authority (SOA) record that defines basic properties for the zone. 2. NS record signifying the name of the server or servers authoritative for the zone.
Win Srvr 2008 and Win Srvr 2008 R2
Aging
33. The value you configure in the ______ text box determines how long a secondary server waits before retrying a failed zone transfer. Normally - this time is less than the refresh interval. The default value is 10 minutes.
Retry Interval
manually enlist
Reload
accepted
34. For a DC to fall within the scope of such a directory partition - you must ______ that DC in the partition.
disabled
manually enlist
dnscmd . /config /enableglobalnamessupport 1
AD Zone Replication Scope page
35. When the zone is stored in a file instead of AD - by default the primary zone file is named zone_name.dns - and this file is located in the ______ folder on the server.
%systemroot%System32Dns
request DNSSEC validation for specific queries
Scavenge Stale Resource Records
Enterprise Admins
36. To configure notifications - click ______ on the Zone Transfers tab when zone transfers are enabled.
Group Policy
%systemroot%System32Dns
Reload - Transfer From Master - Transfer New Copy Of Zone From Master
Notify
37. In this way - digital signatures use ______ cryptography to prove that information is unspoofed and unchanged.
NS record and an associated A record
To All DNS Servers In This Forest
public key
ForestDnsZones
38. ______ are public keys from other zones that are used to validate digitally signed records originating from those zones and from delegated subdomains that are also DNSSEC-compatible.
ForestDnsZones
Netlogon
Trust anchors
To All Domain Controllers Specified In The Scope Of This Directory Partition
39. What kind of zones do not automatically perform time stamping on dynamically created resource records?
dnscmd servername /enlistdirectorypartition FQDN
Secondary
partition
Standard zones
40. You use Group Policy to configure DNS clients to _________________.
Trust anchors
request DNSSEC validation for specific queries
use more than one name to point to
Group Policy
41. The source zones from which secondary zones acquire their info are called ______ - and the data copy procedures through which this info is regularly updated are called zone transfers.
trigger zone transfers on secondary zones
1. A SOA record 2. At least one NS record.
time stamp
masters
42. ______ resource records are used to specify the location of specific services in a domain.
Service location (SRV)
aging
deploying a GlobalNames zone
server level and at the zone level
43. When scavenging is not enabled - you can perform manual scavenging in zones by right-clicking the server icon in the DNS Manager console tree and then choosing ______.
Scavenge Stale Resource Records
parent zone to a child zone
1. DomainDnsZones and - 2. ForestDnsZones
Transfer New Copy Of Zone From Master
44. Active Directory-integrated zones perform time stamping for dynamically registered records by default - even before aging and scavenging are enabled. However - primary standard zones place time stamps on dynamically registered records in the zone onl
parent and child AD DS domains
dnscmd servername /enlistdirectorypartition FQDN
aging
Scavenging
45. Increasing the refresh interval ______ zone transfer traffic.
decreases
Host (A or AAAA) - Alias (CNAME) - Mail exchanger (MX) - Pointer (PTR) - Service location (SRV)
The Zone Aging/Scavenging Properties
Retry Interval
46. The GlobalNames zone is compatible only with DNS servers running ______. Therefore - it cannot replicate to servers running earlier versions of Windows Server.
Win Srvr 2008 and Win Srvr 2008 R2
dnscmd . /config /enableglobalnamessupport 1
priority of dc2.lucernepublishing.com.
The DNS server needs to be a domain controller.
47. The _____ option stores the zone in the domain partition. Every DC in the local domain will receive a copy of the zone - regardless of whether the DNS Server role is installed on that DC.
use more than one name to point to
trust anchor
stub
To All Domain Controllers In This Domain
48. To enlist other DNS servers in the partition - type the following command:
Aging
stub
parent zone to a child zone
dnscmd servername /enlistdirectorypartition FQDN
49. The refresh interval is the time after the no-refresh interval during which time stamp refreshes are ______ and resource records are not scavenged. The default refresh interval is 7 days.
To All Domain Controllers In This Domain
digitally sign
request DNSSEC validation for specific queries
accepted
50. A ______ is a public key for a remote DNS server that is trusted and able to provide DNSSEC responses.
trust anchor
parent zone to a child zone
enable zone transfers
To All Domain Controllers In This Domain