MCSA Guide to Administering Windows Server 2012/R2, Exam 70-411 Ch. 11

Solutions-1

Chapter 11 Solutions Review Questions 1.

2.

3.

4.

5.

6.

7.

The entire DNS tree is referred to as which of the following? a.

Zone hierarchy

b.

Domain space

c.

DNS namespace

d.

Top-level domain

Which of the following accurately represents an FQDN? a.

host.top-level-domain.subdomain.domain

b.

domain.host.top-level-domain

c.

host.subdomain.domain.top-level-domain

d.

host.domain.top-level-domain.subdomain

What type of DNS server maintains a database containing addresses of name servers for domains such as microsoft.com, yahoo.com, netacad.net, and data.gov? a.

Root server

b.

TLD server

c.

Cache-only server

d.

Secondary server

A resource record containing an alias for another record is which of the following record types? a.

A

b.

CNAME

c.

NS

d.

PTR

What type of resource record is necessary to get a positive response from the command nslookup 192.168.100.10? a.

A

b.

CNAME

c.

NS

d.

PTR

What type of zone should you create that contains records allowing a computer name to be resolved from its IP address? a.

RLZ

b.

FLZ

c.

Stub

d.

TLD

When you create a standard zone, you must specify the replication scope. True or False? False

8.

You have a DNS server running Windows Server 2012 R2 named DNS1 that contains a primary zone named csmtech.local. You have discovered a static A record for a server name

MCSA Guide to Administering Windows Server 2012/R2, Exam 70-411 Ch. 11

Solutions-2

DB1 in the zone, but you know that DB1 was taken offline several months ago. Aging and scavenging are enabled on the server and the zone. What should you do first to ensure that stale static records are removed from the zone?

9.

a.

Change the default TTL on static records.

b.

Enable the Advanced View setting in DNS Manager.

c.

Configure the “Expires after” value in the SOA.

d.

Change the “No-refresh interval” timer to a lower number.

You have a DNS server outside your company’s firewall that’s a stand-alone Windows Server 2012 R2 server. It hosts a primary zone for the public Internet domain name, which is different from the internal Active Directory domain names. You want one or more of your internal servers to be able to handle DNS queries for the public domain and serve as a backup for the primary DNS server outside the firewall. Which configuration should you choose for internal DNS servers? a.

Configure a standard secondary zone.

b.

Configure a standard stub zone.

c.

Configure a forwarder to point to the primary DNS server.

d.

Configure an Active Directory–integrated stub zone.

10. The IP address for the DNS server for the primary domain csmpub.local has just been changed. You have a stub zone named csmpub.local on another server. You need to update the NS record in the stub zone. True or False? False 11. Which of the following is true about a stub zone? (Choose all that apply.) a.

It’s not authoritative for the zone.

b.

It holds mostly A records.

c.

It can’t be Active Directory integrated.

d.

It contains SOA and NS records.

12. You have seven DNS servers that hold an Active Directory–integrated zone named csmpub.local. Three of the DNS servers are in the Chicago site, which is connected to three other sites through a WAN link with limited bandwidth. Only users in the Chicago site need access to resources in the csmpub.local zone. Where should you store the csmpub.local zone? a.

ForestDNSZones partition

b.

csmpub.local.dns

c.

DomainDNSZones partition

d.

Custom application partition

13. The DNS server at your company’s headquarters holds a standard primary zone for the abc.com domain. A branch office connected by a slow WAN link holds a secondary zone for abc.com. Updates to the zone aren’t frequent. How can you decrease the amount of WAN traffic caused by the secondary zone checking for zone updates? a.

In the SOA tab of the zone’s Properties dialog box, increase the minimum (default) TTL.

b.

In the Advanced tab of the DNS server’s Properties dialog box, increase the expire interval.

c.

In the SOA tab of the zone’s Properties dialog box, increase the Refresh interval timer.

d.

In the Zone Transfers tab of the SOA Properties dialog box, decrease the Retry interval timer.

MCSA Guide to Administering Windows Server 2012/R2, Exam 70-411 Ch. 11

Solutions-3

14. You have delegated a subdomain to a zone on another server. Several months later, you hear that DNS clients can’t resolve host records in the subdomain. You discover that the IP address scheme was changed recently in the building where the server hosting the subdomain is located. What can you do to make sure DNS clients can resolve hostnames in the subdomain? a.

Configure a forwarder pointing to the server hosting the subdomain.

b.

Edit the NS record in the delegated zone on the parent DNS server.

c.

Edit the NS record in the delegated zone on the DNS server hosting the subdomain.

d.

Configure a root hint pointing to the server hosting the subdomain.

15. You want a DNS server to be able to respond to queries for a domain in a standard primary zone hosted on another DNS server. You don’t want the server to be authoritative for that zone. How should you configure the server? (Choose all that apply.) a.

Configure a secondary zone on the DNS server.

b.

Configure a stub zone on the DNS server.

c.

Configure a conditional forwarder on the DNS server.

d.

Configure a delegation on the DNS server.

16. You’re in charge of a standard primary zone for a large network with frequent changes to the DNS database. You want changes to the zone to be transmitted as quickly as possible after a change has been made to all secondary servers. What should you configure and where? a.

The notify option on slave servers

b.

The Expires after timer on slave servers

c.

The notify option on the master server

d.

The Expires after timer on the master server

17. You have a server named DNS1 with a zone named csmtech.local. Several computers use DHCP for IP address assignment, and their IP addresses change often. Client computers are often unable to communicate with some of these computers until they clear their local DNS caches. What can you do to reduce the problem? a.

Set the minimum (default) TTL on the zone to a lower value.

b.

Set the Expires after timer to a higher value.

c.

Change the DNS records to static.

d.

Change the “Record time stamp” setting to a lower value.

18. You have an Active Directory–integrated zone named csmtech.local on the DNS1 server. The forest root Active Directory domain is csmtech.local. Why is the _msdcs subdomain zone delegated on the DNS1 server? a.

To offload the DNS processing required of DNS1

b.

To change the replication scope of _msdcs

c.

To allow Windows clients to access Microsoft services

d.

To allow dynamic updates to the _msdcs zone

19. You have a zone containing two A records for the same hostname, but each A record has a different IP address configured. The host records point to two servers hosting a high-traffic Web site, and you want the servers to share the load. After some testing, you find that you’re always accessing the same Web server, so load sharing isn’t occurring. What can you do to solve the problem? a.

Enable the load-sharing option on the zone.

b.

Enable the round-robin option on both A records.

MCSA Guide to Administering Windows Server 2012/R2, Exam 70-411 Ch. 11 c.

Enable the load-sharing option on both A records.

d.

Enable the round-robin option on the server.

Solutions-4

20. You have three servers providing the Kerberos authentication service—DC1, DC2, and DC3—and an SRV record for each server. You want to make sure DC1 handles 30% of the requests for the Kerberos server, DC2 handles 50% of the requests, and DC3 handles 20% of the requests. Currently, all settings for SRV records are at the default values. What should you configure? a.

The protocol on each SRV record

b.

The priority on each SRV record

c.

The weight on each SRV record

d.

The TTL on each SRV record

21. You want to verify whether a PTR record exists for the Serv2.csmpub.local host, but you don’t know the IP address. Which of the following commands should you use? a.

ping -a Serv2.csmpub.local and then ping IPAddress returned from the first ping

b.

nslookup Serv2.csmpub.local and then nslookup IPAddress returned from the first nslookup

c.

dnscmd /PTR Serv2.csmpub.local

d.

netsh /PTR Serv2.csmpub.local

22. Which of the following is not an advantage of using Active Directory–integrated zones? a.

Automatic zone replication

b.

Multimaster updates

c.

Can be stored on member servers

d.

Ability to configure secure updates

23. You have a primary zone stored in the myzone.local.dns file. Some devices that aren’t domain members are creating dynamic DNS records in the zone. You want to make sure only domain members can create dynamic records in the zone. What should you do first? a.

Configure the “Allow only secure dynamic updates” option.

b.

Configure permissions in the Security tab of the zone’s Properties dialog box.

c.

Configure the “Store the zone in Active Directory” option.

d.

Configure the “Do not allow dynamic updates” option.

24. You have an application that needs to contact an LDAP server without knowing the name or address of the server. What kind of record can you create in DNS? a.

MX

b.

SRV

c.

NS

d.

AAAA

25. You have two mail servers on your network named Mail1 and Mail2. You want clients to access Mail1 unless it’s unresponsive, and then Mail2 should be accessed. What should you configure? a.

The round-robin setting on the DNS server

b.

The priority value on the MX records

c.

The weight value on the SRV records

MCSA Guide to Administering Windows Server 2012/R2, Exam 70-411 Ch. 11 d.

The retry interval on the zone

Solutions-5