|
Question 1. What is the default service name the SNVP applies to each message? A.:
|
Question 1. ITCertKeys.com has an Active Directory forest that contains a single domain named ad. ITCertKeys.com. All domain controllers are configures as DNS servers and have Windows Server 2008 installed. The network has two Active directory-integrated zones: ITCertKeyses.com and ITCertKeysws.com. The company has instructed you to make sure that a user is able to modify records in ITCertKeyses.com while preventing the user to modify the SOA record in ITCertKeysws.com zone. What should you do to achieve this task? A. Modify the permissions of ITCertKeyses.com zone by accessing the DNS Manager Console B. Configure the user permissions on ITCertKeyses.com to include all the users and configure the user permissions on ITCertKeysws.com to allow only the administrators group to modify the records C. Modify the permission of ITCertKeysws.com zone by accessing the DNS Manager Console D. Modify the Domain Controllers organizational unit by accessing the Active Directory Users and Computers console. E. None of the above. Answer: A Explanation: To allow the user to modify records in ITCertKeyses.com and prevent him/her to modify the SOA record in ITCertKeysws.com zone, you should set the permissions of ITCertKeyses.com through DNS Manager Console. You set the permissions for the users to modify the records in ITCertKeyses.com. Since setting permission on one Active directory-integrated zone, you will be preventing the users to modify anything else on the other zones. Question 2. ITCertKeys.com has an Active Directory Domain Controller. All domain controllers nare configured as DNS servers and have Windows Server 2008 installed. Only one Active-Directory integrated DNS zone is configured on the domain. You have to make sure that outdated DNS records are removed from the DNS zone automatically. What should you do to achieve this task? A. Modify the TTL of the SOA record by accessing the zone properties B. Disable updates from the zone properties C. Execute netsh/Reset DNS command from the Command prompt D. Enable Scavenging by accessing the zone properties E. None of the above Answer: D Explanation: To remove the outdated DNS records from the DNS zone automatically, you should enable Scavenging through Zone properties. Scavenging will help you clean up old unused records in DNS. Since "clean up" really means "delete stuff" a good understanding of what you are doing and a healthy respect for "delete stuff" will keep you out of the hot grease. Because deletion is involved there are quite a few safety valves built into scavenging that take a long time to pop. When enabling scavenging, patience is required. Reference: http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845-88d2-4091-8088-a6bbce0a4304&ID=211 Question 3. ITCertKeys.com has a single Active Directory domain. You have configured all domain controllers in the network as DNS servers and they run Windows Server 2008. A domain controller named ITK1 has a standard Primary zone for ITCertKeys.com and a domain controller named ITK2 has a standard secondary zone for ITCertKeys.com. You have to make sure that the replication of the ITCertKeys.com zone is encrypted so you might not loose any zone data. What should you do to achieve this task? A. Create a stub zone and delete the secondary zone B. Convert the primary zone into an active directory zone and delete the secondary zone C. Change the interface where DNS server listens on both servers D. On the standard primary zone, configure zone transfer settings. After that modify the master servers lists on the secondary zone E. None of the above Answer: B Explanation: To make sure that the replication of the ITCertKeys.com zone is encrypted to prevent data loss. You should convert the primary zone into an active directory zone and delete the secondary zone Question 4. ITCertKeys.com has a main office and a branch office. All servers in both offices run Windows Server 2008. The offices are connected through a MAN link. ITCertKeys.com has an Active Directory domain that hosts a single domain called maks.ITCertKeys.com. There is a domain controller in the maks. ITCertKeys.com domain called ITK1. It is located in the main office. You have configured ITK1 as a DNS server for maks. ITCertKeys.com DNS zone. It is configured as a standard primary zone. You are instructed to install a new domain controller called ITK2 in the branch office. After installing the domain controller, you install DNS on ITK2. You want to ensure that the DNS service on ITK2 can update records and resolve DNS queries in the event of a MAN link failure. What should you do to achieve this objective? A. Configure the DNS on ITK1 to forward requests to ITK2 B. Add a secondary zone named raks. ITCertKeys.com on ITK2 C. Convert maks. ITCertKeys.com on ITK1 to an Active Directory-integrated zone D. Configure a new stub zone on ITK1 and set the forwarding option to ITK2 Answer: C Explanation: To make sure that the DNS service on ITK2 can update records and resolve DNS queries in the event of a MAN link failure, you should convert maks. ITCertKeys.com on ITK1 to an Active Directory-integrated zone. Active Directory-integrated DNS, offers two pluses over traditional zones. For one, the fault tolerance built into Active Directory eliminates the need for primary and secondary nameservers. Effectively, all nameservers using Active Directory-integrated zones are primary nameservers. This has a huge advantage for the use of dynamic DNS as well: namely, the wide availability of nameservers that can accept registrations. Recall that domain controllers and workstations register their locations and availability to the DNS zone using dynamic DNS. In a traditional DNS setup, only one type of nameserver can accept these registrations-the primary server, because it has the only read/write copy of a zone. By creating an Active Directory-integrated zone, all Windows Server 2008 nameservers that store their zone data in Active Directory can accept a dynamic registration, and the change will be propagated using Active Directory multimaster replication. Reference: http://safari.adobepress.com/9780596514112/active_directory-integrated_zones Question 5. ITCertKeys.com has a DNS server with 10 Active Directory Integrated Zones. For auditing purposes, you have to provide copies of the zone files of the DNS server to the security audit group. What should you do to achieve this task? A. Execute ntdsutil > Partition Management > Display commands B. execute ipconfig/registerdns command C. execute the dnscmd/ZoneExport command D. Execute dnscmd/Zoneoutput command Answer: C Question 6. ITCertKeys.com has a domain controller named EDC11 that runs Windows Server 2008. It is configured as a DNS server for ITCertKeys.com. You install the DNS server role on a member server named S1 and after this; you create a standard secondary zone for ITCertKeys.com. You configured EDC11 as the master server for the zone. What should you do to make sure that S1 receives zone updates from EDC11? A. On Server1, add a conditional forwarder. B. On DC1, modify the zone transfer settings for the contoso.com zone. C. Add the Server1 computer account to the DNSUpdateProxy group. D. On DC1, modify the permissions of contoso.com zone. Answer: B Question 7. ITCertKeys.com has a network consisting of an Active Directory forest named ebd.com. All servers have Windows Server 2008. All domain controllers are configured as DNS servers. The ebd.com DNS zone is stored in ForestDnsZones Active directory partition. A member server contains a standard primary DNS zone for eb.ebd.com. You need to make sure that all domain controllers can resolve names for eb.ebd.com. What should you do to achieve this task? A. Create a delegation in the ebd.com zone B. Change the properties of SOA record in the eb.ebd.com zone C. Add NS record in the ebd.com zone D. Create a secondary zone on a Global catalog server Answer: A Question 8. ITCertKeys.com has a main office and single branch office in another state. With a single Active-Directory domain forest, ITCertKeys.com has two domain controllers named ITK1 and ITK2 . Both of the domain controllers run Windows Server 2008. The branch office has a Read-only domain controller (RODC) named ITK3. While all domain controllers have DNS server role installed, they are configured as Active-Directory-integrated zones. All DNS zones are configured to allow secure updates only. You want to enable dynamic DNS updates on ITK3. What should you do to achieve this task? A. On DC1, create an active partition and configure the partition to store Active Directory- integrated zones B. Un-install the Active Directory Domain services on ITK3 and reinstall it as a writeable domain controller C. Reconfigure RODC on ITK3 to allow dynamic updates D. Execute dnscmd/ZoneResetType command on ITK3 Answer: B Explanation: To enable the dynamic DNS updates on ITK3, you should uninstall the Active Directory Domain services on ITK3 and reinstall it as a writeable domain controller. A writeable domain controller performs originating updates and outbound replication. Reference: http://msdn.microsoft.com/en-us/library/cc207937.aspx Question 9. ITCertKeys.com has a huge network that consists of an Active Directory Forest containing a single domain. Windows Server 2008 is installed on all domain controllers. They are configured as DNS servers. ITCertKeys.com has an active directory-integrated zone with two Active Directory sites. Each site contains five domain controllers. You added a new NS record to the zone. You have to make sure that all domain controllers immediately receive the new NS record. What should you do to achieve this task? A. Execute repadmin/syncall from the command prompt B. Reload the zone from the DNS Manager console C. Create an SOA record from the DNS Manager console D. Shutdown and then, restart the DNS server service from services snap-in Answer: A Explanation: Question 10 ITCertKeys.com has an Active Directory domain named comm. ITCertKeys.com. The domain contains two domain controllers named ITK1 and ITK2 . Both have the DNS server role installed. You install a new DNS server named ns. ITCertKeys.com on the perimeter network. You configure ITK1 to forward all unresolved name requests to ns. ITCertKeys.com. But you discover that the DNS forward option is unavailable on ITK2. You have to configure DNS forwarding on ITK2 server to forward unresolved name requests to ns. ITCertKeys.com server. Which of the following two actions should you perform to achieve this task? A. Clean the DNS cache on ITK2 B. configure conditional forwarding on ITK2 C. Delete the Root zone on ITK2 D. Add zone forwarding on ITK2 Answer: B, C Question 11. ITCertKeys.com has a domain controller that runs Windows Server 2008. It is configured as a DNS server. You have to record all inbound DNS queries to the server. What should you configure in the DNS Manager Console? A. To log errors and warnings, configure event logging B. Disable automatic logs for recursive queries C. Enable automatic testing for recursive queries D. Enable debug logging Answer: D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.