Question 1
Refer to the graphic above to answer the following question.
You are the administrator of the westsim.private domain. The data for the westsim.private zone is stored in Active
Directory. You have just opened a branch office in Phoenix. The branch office is connected to the main offices with a
slow WAN link. The WAN link is unreliable and is sometimes down for 3 days at a time. You plan on replacing the
connection in the future, but for now the link will have to be used.
You configure a secondary zone for westsim.private at the Phoenix location accepting the default configuration. The SOA
record for the zone is shown in the graphic above. What change should you make to prevent name resolution problems
at the Phoenix location?
Answer
Increase the Refresh interval to 3 days.
Decrease the Refresh interval value to 10 minutes.
Increase the Expires after value to 4 days.
Increase the Retry interval to 1 day.
1 points
Question 2
You are the network manager for the westsim.private domain. You are in the process of transitioning from IPv4 to IPv6
on your internal network.
You want to configure DNS to provide hostname-to-IPv6 address and IPv6 address-to-hostname resolution for a specific
IPv6-only host. Which record types would you create? (Select two.)
Answer
SRV
AAAA
A
CNAME
NS
PTR
1 points
Question 3
You are the network administrator for your company's network. Your network consists of 8 Windows 2008 Server
computers, 500 Windows XP Professional computers, and 5 UNIX servers. One of your Windows 2008 Server computers
is your DNS server. The DNS zone is configured as an Active Directory-integrated zone. The DNS zone is also configured
to allow dynamic updates. Users report that although they can access the Windows XP computers by host name, but
they cannot access the UNIX servers by host name. What should you do?
Answer
Manually enter A (host) records for the UNIX servers in the zone database.
On the DNS server, manually create a HOSTS file that contains the records for the UNIX servers.
Configure a UNIX computer to be a DNS server in a secondary zone.
Manually add the UNIX servers to the Windows domain.
1 points
Question 4
You are configuring the network for a new company with two sites: the main office is in Denver, and a branch office is in
Phoenix. The sites are connected by a WAN link. All servers, including domain controllers, will run Windows Server 2008.
All servers will be members of an Active Directory domain. The main office uses the domain of corp.westsim.com. All
domain members are currently located only in the Denver location. The branch office uses the domain of
research.corp.westsim.com. All domain members are located only in the Phoenix location. The following servers are in
each location (Location, Server, Role):
Denver, srv1.corp.westsim.com, Domain controller DNS server
Denver, srv2.corp.westsim.com, Domain controller DNS server
Denver, srv3.corp.westsim.com, Domain controller
Phoenix, srv1.research.corp.westsim.com, Domain controller DNS server
Phoenix, srv2.research.corp.westsim.com, Domain controller DNS server
Phoenix, srv3.research.corp.westsim.com, Domain controller
All zones are Active Directory integrated zones, and there are no other DNS servers on the network. To improve name
resolution at the Phoenix location, you install a domain controller and DNS server named srv4.corp.westsim.com in the
Phoenix location. You want this server to have a copy of the corp.westsim.com zone but not the
research.corp.westsim.com zone. You do not want any servers in the Denver location to have a copy of the
research.corp.westsim.com zone. You want to minimize DNS replication traffic where possible. What should you do?
(Choose two. Each correct choice is part of the solution.)
Answer
Disable zone transfers on both zones.
Configure the replication scope for corp.westsim.com as To all DNS servers in this domain. Configure the
replication scope for research.corp.westsim.com as To all DNS servers in this forest.
Configure the replication scope for both zones as To all DNS servers in this domain.
Configure the replication scope for both zones as To all DNS servers in this forest.
Configure the replication scope for corp.westsim.com as To all DNS servers in this forest. Configure the
replication scope for research.corp.westsim.com as To all DNS servers in this domain.
Allow zone transfer to listed name servers for both zones.
1 points
Question 5
You are the administrator for the Seattle office of WestSim Corporation. Zone information for the entire westsim.com
domain is stored in a primary zone on the portland.westsim.com server located in the Portland office.
There is a T1 line between the Seattle and Portland offices, but the line is often saturated with heavy network traffic,
which makes name resolution for those in the Seattle office very slow. What can you do to improve DNS performance
for computers in the Seattle office?
Answer
Install a DNS server in the Seattle location. Configure it with an Active Directory integrated zone of the
westsim.com domain.
Install a DNS server in the Seattle location. Configure it with a primary zone of the westsim.com domain.
On the portland.westsim.com computer, create a new zone called seattle.westsim.com. Make it a primary
zone, and configure it to use incremental updates.
Install a DNS server in the Seattle location. Configure it with a secondary zone of the westsim.com domain.
1 points
Question 6
You are a network engineer for a large private network. The network has a corporate headquarters site, six regional
sites, and dozens of branch sites per region. The network's private namespace consists of a single DNS domain that is a
subdomain of a registered public DNS domain.
To provide DNS name resolution fault tolerance and performance, each site has its own DNS server. All DNS servers run
Windows 2008 DNS. The DNS server in the corporate headquarters site is a primary DNS server. All other DNS servers
are secondary DNS servers for the private namespace. The primary DNS server for the private network is overwhelmed
with zone transfer requests. You must redesign the network's DNS structure to alleviate this problem. What should you
do?
Answer
Configure DNS servers in branch sites to receive zone transfers from a DNS server in a regional site.
Install another primary DNS server in the corporate headquarters site. Configure half the DNS servers to
receive zone transfers from the new primary DNS server.
Change all DNS servers in regional sites to be primary DNS servers.
Configure the DNS zone for the private network to be an Active Directory integrated zone.
1 points
Question 7
You have a Windows Server 2008 server that has Windows Server core installed. You would like to add the DNS server
role to this server. What should you do?
Answer
At a command prompt, run dnscmd.
At a command prompt, run oclist.
Insert the Windows Server 2008 DVD. At a command prompt, run setup.exe.
At a command prompt, run dnslint.
At a command prompt, run ocsetup.
1 points
Question 8
You are the administrator for the Creative Designs company. The network uses a single domain named cdesign.com. A
single domain controller (CDDC1) holds an Active Directory integrated zone and provides DNS services. Recently, your
company purchased a competitor company, Design Limited, Inc. Their network uses a single domain, named
dlimitinc.com, with a single domain controller (DLIDC1) holding an Active Directory integrated zone. Domains for each
company are currently in different forests. You connect the Creative Designs location to the Design Limited location with
a T-1 line.
You want to enable hosts at the Creative Designs location to be able to resolve host names for hosts in the dlimitinc.com
zone. You need to minimize hardware costs while maximizing DNS performance. How should you configure the CDDC1
server at the Creative Designs location to enable clients to resolve names at Design Limited, Inc.?
Answer
Configure the IP address for DLIDC1 as a forwarder for CDDC1.
Create a primary zone of the dlimitinc.com zone on CDDC1.
Create an Active Directory integrated zone of the dlimitinc.com zone on CDDC1.
Create a secondary zone of the dlimitinc.com zone on CDDC1.
1 points
Question 9
Emma is a systems administrator for WestSim Corporation. The network has multiple domains with DNS, WINS, and
DHCP services configured in each domain. All servers are running Windows 2008, and all clients are running Windows
Vista. All hosts are members of the acct.westsim.com domain whose records are stored in a primary zone. As part of a
new security initiative, the IT department has developed a custom application that reports the host name of all clients
that try to access three sensitive servers in the Accounting department. Emma has been asked to test the new
application.
During a random test, she finds that the program is not reporting the host names for some clients, even though it
properly records their IP addresses. Emma realizes that the custom application submits reverse lookup requests to the
DNS server to discover the host name for the specified IP address. She also realizes that the clients whose host name
could not be notified have manually configured static IP addresses on subnet 192.168.3.0 using a default subnet mask.
What should Emma do?
Answer
Manually create a PTR record in the acct.westsim.com zone for each host.
Manually create a PTR record in the 3.168.192.in-addr.arpa zone for each host.
Manually create a CNAME record in the 3.168.192.in-addr.arpa zone for each host.
Manually create an A record in the 3.168.192.in-addr.arpa zone for each host.
Manually create a CNAME record in the acct.westsim.com zone for each host.
Manually create an A record in the acct.westsim.com zone for each host.
1 points
Question 10
Mary administers a network with ten Windows 2008 servers and four UNIX servers. All servers have been manually
assigned a static IP address. A single domain is used on the network. DC1 is a domain controller that holds an Active
Directory-integrated zone for the entire network and provides DNS services for all hosts. DC2 provides DHCP services for
network clients. Users report that they are unable to contact the UNIX servers by name. What should Mary do?
Answer
Configure a HOSTS file with the name and IP address for each UNIX server. Copy the file to all network
clients.
Manually create a CNAME record in the DNS database for each UNIX server.
Manually create an A record in the DNS database for each UNIX server.
Manually create a PTR record in the DNS database for each UNIX server.
Configure DC2 to update DNS records for the UNIX servers.
1 points
Question 11
You are the administrator of the corp.westsim.com domain. All servers in the domain run Windows Server 2008, and all
clients run Windows XP Professional. The domain has two subdomains: acct.corp.westsim.com and
sales.corp.westsim.com. To improve name resolution, you set up DNS on the srv3.acct.corp.westsim.com server. You
create a secondary zone on that server pointing to the sales.corp.westsim.com zone.
One day, users complain that name resolution through the Srv3 server isn't working correctly. You suspect that the zone
database is corrupt and want to do a zone transfer of all data from the master zone. What should you do?
Answer
At the command line, run Dnscmd /ZoneReload.
In the DNS console, right-click the zone and choose Reload.
At the command line, run Dnscmd /ZoneRefresh.
In the DNS console, right-click the zone and choose Reload from Master.
In the DNS console, right-click the zone and choose Transfer from Master.
1 points
Question 12
You manage a network with two locations: the main office is in Phoenix, and a branch office is in Tulsa. Srv1 is a DNS
server in Phoenix and holds the primary zone for the eastsim.local zone. To improve name resolution requests in the
branch office, you place a secondary copy of the zone on Srv5 in the Tulsa location.
Due to recent expansion, you are adding more servers to the Phoenix location. For each server, you manually create the
A and PTR records. You find that after you add the server, computers in the Tulsa location are unable to contact the new
servers for up to 10 minutes. You want to make sure that hosts in Tulsa can contact these servers using DNS as quickly as
possible. What should you do?
Answer
Increment the zone serial number on Srv1 each time you make a change.
Enable DNS Notify on the zone on Srv1.
Decrease the refresh interval in the SOA record for the zone.
Configure the zone to use incremental zone transfers (IXFR).
1 points
Question 13
You are a network engineer for a new company. The company previously installed a DNS server to manage the
company's public namespace. The DNS server runs BIND version 8.2. To provide fault tolerance, you install a second DNS
server on a Windows Server 2008 computer. You reconfigure the zone types so the Windows 2008 DNS server has the
primary zone and the BIND DNS server has a secondary zone. The BIND DNS server has an IP address of 45.25.0.1 and
the Windows 2008 DNS server has an IP address of 45.25.0.2.
As part of your security plan you must prevent zone data from being transferred to rogue DNS servers that might seek
zone transfers from either of the company's public DNS servers. You must also prevent eavesdropping of any DNS data
replicated between DNS servers. What should you do? (Choose two. Each correct choice is part of the solution.)
Answer
On the Windows Server 2008 DNS server, integrate the zone into Active Directory.
Create an IPSec tunnel between the company's two public DNS servers.
On the Windows Server 2008 DNS server, disallow all zone transfers.
On the Windows Server 2008 DNS server, enable secure dynamic updates for the zone.
On the Windows Server 2008 DNS server, restrict zone transfers to the IP address 45.25.0.1.
On the BIND DNS server, restrict zone transfers to the IP address 45.25.0.2.
1 points
Question 14
You are a systems administrator for WestSim Corporation. The network has multiple domains with DNS, WINS, and
DHCP services configured in each domain. All servers are running Windows 2008, and all clients are running Windows XP
Professional. DHCP, DNS, and client computers are configured for dynamic DNS updates.
As part of a new security initiative, the IT department has developed a custom application that reports the host name of
all clients that try to access three sensitive servers in the Accounting department. The application has been working fine
for the last three months.
The company expands and adds a new building with a LAN connection to the rest of the network. This building has its
own subnet, 192.168.5.0. You create a scope on an existing DHCP server for this subnet. During a random check of the
reporting software, you discover that the application reports only the IP address but not the host name for clients on the
new subnet. Everything works as designed for hosts on other subnets. You check the DNS database and find that none of
the hosts on that subnet has an associated PTR record. What should you do?
Answer
Add a HOSTS file to the server running the reporting software.
Manually create CNAME records for each host on the subnet.
Create a secondary reverse lookup zone for subnet 192.168.5.0.
Manually create PTR records for each host on the subnet.
Create a primary reverse lookup zone for subnet 192.168.5.0.
1 points
Question 15
You need to create a DNS record that identifies a service, protocol, and port number. Which record type would you
create?
Answer
MX
CNAME
SRV
A
PTR
1 points
Question 16
You are the manager for the westsim.com domain. All computers are members of the westsim.com domain. A single
Windows Server 2008 server is the domain controller and DNS server for the domain. You have recently installed a new
server, srv12, with IP address 192.168.3.199/24. You need to manually create a record in the DNS database that
provides IP address-to-hostname resolution. Which command would you use?
Answer
dnscmd /recordadd westsim.com 192.168.3.199 A srv12
dnscmd /recordadd 3.168.192.in-addr.arpa 199 PTR srv12.westsim.com
dnscmd /recordadd westsim.com srv12 A 192.168.3.199
dnscmd /recordadd 192.168.3.in-addr.arpa 199 PTR srv12.westsim.com
1 points
Question 17
You are the systems administrator for EastSim Corporation. Domain controllers at headquarters host Active Directory
integrated zones for the domain eastsim.com domain. The company has recently purchased a small design company
located in Tampa. The new company will become a branch office connected to headquarters with a T-1 line. You have
been sent to integrate the branch office into the corporate network.
The existing network in Tampa is using a UNIX BIND-based DNS server. Rather than replace this server, you decide to use
it to provide name resolution for the branch office. You want all clients in the branch office to be able to resolve
hostnames for hosts in the eastsim.com domain. You want to minimize network traffic across the WAN link and provide
the fastest name resolution services possible. What should you do?
Answer
On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone.
Change the zone type for all other DNS servers to secondary zones. Create a secondary zone on the UNIX
DNS server. Have it replicate data from one of the DNS servers at headquarters.
On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone.
Change the zone type for all other DNS servers to secondary zones. Create a secondary zone on the UNIX
DNS server. Have it replicate data from one of the primary zone at headquarters.
Create a secondary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers
configured as a DNS server.
Create a primary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers
configured as a DNS server.
Configure the UNIX server as a caching-only server. Have it forward name requests to a DNS server at
headquarters.
1 points
Question 18
You manage the intranet servers for EastSim Corporation. The company network has three domains: eastsim.com,
asiapac.eastsim.com, and emea.eastsim.com. The main company Web site runs on the web1.eastsim.com server with a
public IP address of 101.12.155.99. A host record for the server already exists in the eastsim.com zone. You want
Internet users to be able to use the URL http://eastsim.com to reach the Web site. What should you do?
Answer
In the eastsim.com domain, add an NS record for the web1.eastsim.com server.
In the eastsim.com domain, edit the SOA record and enter web1.eastsim.com as the primary server.
In the eastsim.com domain, create a CNAME record with a blank name pointing to server
web1.eastsim.com.
In the eastsim.com domain, create an SRV record for the _http protocol pointing to server
web1.eastsim.com.
In the eastsim.com domain, create a DNAME record pointing to server web1.eastsim.com.
1 points
Question 19
You are a network engineer for your company. Your private network uses the namespace private.westsim.com. All
servers run Windows Server 2008. All client computers run Windows XP Professional. You manage the DNS servers that
are authoritative for the private.westsim.com zone. Two servers are authoritative for the zone: DNS1 hosts the primary
DNS zone, and DNS2 holds a secondary copy of the zone.
You use the DNS console to manually create an A resource record for a new Web server on your network that is
configured with a static IP address. From your workstation, you open a browser and try to connect to the new Web
server. You get an error message stating that the Web site is not found. You try the test from another workstation with
success. You return to your workstation only to find it still does not work. You run ipconfig /all and find that your
workstation is configured to use the DNS2 server as its preferred DNS server. You want to be able to resolve the host
name on your computer as soon as possible to verify that it is working correctly. What should you do?
Answer
On DNS1, right-click the zone and choose Reload.
On your computer, run ipconfig /flushdns.
On DNS1, edit the zone properties and add DNS2 as a listed name server.
On DNS2, right-click the zone and select Reload from Master.
On DNS1, edit the zone properties and decrease the refresh interval.
1 points
Question 20
You manage the intranet servers for EastSim Corporation. The company network has three domains: eastsim.com,
asiapac.eastsim.com, and emea.eastsim.com. The main company Web site runs on the web1.eastsim.com server with a
public IP address of 101.12.155.99. A host record for the server already exists in the eastsim.com zone. You want
Internet users to be able to use the URL http://www.eastsim.com to reach the Web site. What type of DNS record
should you create?
Answer
A
SRV
NS
SOA
PTR
CNAME