Your network contains an Active Directory domain named contoso.com. You remove several computers from the network.
You need to ensure that the host (A) records for the removed computers are automatically deleted from the contoso.com DNS zone.
What should you do()
A.Configure dynamic updates.
B.Configure aging and scavenging.
C.Create a scheduled task that runs the Dnscmd /ClearCache command.
D.Create a scheduled task that runs the Dnscmd /ZoneReload contoso.com command.
您可能感兴趣的试卷
你可能感兴趣的试题
You have an Active Directory domain named contoso.com.
You have a domain controller named Server1 that is configured as a DNS server.
Server1 hosts a standard primary zone for contoso.com. The DNS configuration of Server1 is shown in the exhibit. (Click the Exhibit button.)
You discover that stale resource records are not automatically removed from the contoso.com zone.
You need to ensure that the stale resource records are automatically removed from the contoso.com zone.
What should you do()
A.Set the scavenging period of Server1 to 0 days.
B.Modify the Server Aging/Scavenging properties.
C.Configure the aging properties for the contoso.com zone.
D.Convert the contoso.com zone to an Active Directory-integrated zone.
Your network contains a domain controller that is configured as a DNS server. The server hosts an Active Directory-integrated zone for the domain.
You need to reduce how long it takes until stale records are deleted from the zone.
What should you do()
A.From the configuration directory partition of the forest, modify the tombstone lifetime.
B.From the configuration directory partition of the forest, modify the garbage collection interval.
C.From the aging properties of the zone, modify the no-refresh interval and the refresh interval.
D.From the start of authority (SOA) record of the zone, modify the refresh interval and the expire interval.
Your network contains an Active Directory domain named contoso.com. The domain contains the servers shown in the following table.
Server name Operating system Role
DC1 Windows Server 2008 Domain controller
DC2 Windows Server 2008 R2 Domain controller
DNS1 Windows Server 2008 DNS server DNS2 Windows Server 2008 R2 DNS server
The functional level of the forest is Windows Server 2003. The functional level of the domain is Windows Server 2003.
DNS1 and DNS2 host the contoso.com zone.
All client computers run Windows 7 Enterprise.
You need to ensure that all of the names in the contoso.com zone are secured by using DNSSEC.
What should you do first()
A.Change the functional level of the forest.
B.Change the functional level of the domain.
C.Upgrade DC1 to Windows Server 2008 R2.
D.Upgrade DNS1 to Windows Server 2008 R2.
Your company has a main office and a branch office.
The network contains an Active Directory domain named contoso.com. The DNS zone for contoso.com is configured as an Active Directory-integrated zone and is replicated to all domain controllers in the domain.
The main office contains a writable domain controller named DC1. The branch office contains a read-only domain controller (RODC) named RODC1. All domain controllers run Windows Server 2008 R2 and are configured as DNS servers.
You uninstall the DNS server role from RODC1.
You need to prevent DNS records from replicating to RODC1.
What should you do()
A.Modify the replication scope for the contoso.com zone.
B.Flush the DNS cache and enable cache locking on RODC1.
C.Configure conditional forwarding for the contoso.com zone.
D.Modify the zone transfer settings for the contoso.com zone.
Your network contains an Active Directory domain named contoso.com.
You create a GlobalNames zone. You add an alias (CNAME) resource record named Server1 to the zone.
The target host of the record is server2.contoso.com.
When you ping Server1, you discover that the name fails to resolve. You successfully resolve server2.contoso.com.
You need to ensure that you can resolve names by using the GlobalNames zone.
What should you do()
A.From the command prompt, use the netsh tool.
B.From the command prompt, use the dnscmd tool.
C.From DNS Manager, modify the properties of the GlobalNames zone.
D.From DNS Manager, modify the advanced settings of the DNS server.
Your network contains an Active Directory domain named contoso.com. The domain contains a domain controller named DC1. DC1 hosts a standard primary zone for contoso.com.
You discover that non-domain member computers register records in the contoso.com zone.
You need to prevent the non-domain member computers from registering records in the contoso.com
zone. All domain member computers must be allowed to register records in the contoso.com zone. What should you do first()
A.Configure a trust anchor.
B.Run the Security Configuration Wizard (SCW).
C.Change the contoso.com zone to an Active Directory-integrated zone.
D.Modify the security settings of the %SystemRoot%\System32\Dns folder.
Your network contains an Active Directory forest named contoso.com.
You plan to add a new domain named nwtraders.com to the forest. All DNS servers are domain controllers.
You need to ensure that the computers in nwtraders.com can update their Host (A) records on any of the DNS servers in the forest.
What should you do()
A.Add the computer accounts of all the domain controllers to the DnsAdmins group.
B.Add the computer accounts of all the domain controllers to the DnsUpdateProxy group.
C.Create a standard primary zone on a domain controller in the forest root domain.
D.Create an Active Directory-integrated zone on a domain controller in the forest root domain.
Your network contains a domain controller that has two network connections named Internal and Private. Internal has an IP address of 192.168.0.20. Private has an IP address of 10.10.10.5.
You need to prevent the domain controller from registering Host (A) records for the 10.10.10.5 IP address.
What should you do()
A.Modify the netlogon.dns file on the domain controller.
B.Modify the Name Server settings of the DNS zone for the domain.
C.Modify the properties of the Private network connection on the domain controller.
D.Disable netmask ordering on the DNS server that hosts the DNS zone for the domain.
Your network contains an Active Directory domain. The domain contains two domain controllers named DC1 and DC2.
DC1 hosts a standard primary DNS zone for the domain. Dynamic updates are enabled on the zone. DC2 hosts a standard secondary DNS zone for the domain.
You need to configure DNS to allow only secure dynamic updates.
What should you do first()
A.On DC1 and DC2, configure a trust anchor.
B.On DC1 and DC2, configure a connection security rule.
C.On DC1, configure the zone transfer settings.
D.On DC1, configure the zone to be stored in Active Directory.
You have two servers named Server1 and Server2. Both servers run Windows Server 2008 R2.
Server1 is configured as an Enterprise Root certification authority (CA).
You install the Online Responder role service on Server2.
You need to configure Server2 to issue certificate revocation lists (CRLs) for the enterprise root CA.
Which two tasks should you perform()
A.Import the enterprise root CA certificate.
B.Import the OCSP Response Signing certificate.
C.Add the Server1 computer account to the CertPublishers group.
D.Set the Startup Type of the Certificate Propagation service to Automatic.
最新试题
Your network contains an Active Directory domain named contoso.com. The domain contains five domain controllers.You add a logoff script to an existing Group Policy object (GPO). You need to verify that each domain controller successfully replicates the updated group policy. Which two objects should you verify on each domain controller()
Your network contains three Active Directory forest named Forest1, Forest2, and Forest3. Each forest contains three domains. A two-way forest trust exists between Forest1 and Forest2. A two-way forest trust exists between Forest2 and Forest3. You need to configure the forest to meet the following requirements Users in Forest3 must be able to access resources in Forest1. Users in Forest1 must be able to access resources in Forest3. The number of trusts must be minimized. What should you do()
You have Active Directory Certificate Services (AD CS) deployed. You create a custom certificate template. You need to ensure that all of the users in the domain automatically enroll for a certificate based on the custom certificate template. Which two actions should you perform()
You have a domain controller named Server1 that runs Windows Server 2008 R2. You need to determine the size of the Active Directory database on Server1. What should you do()
You need to compact an Active Directory database on a domain controller that runs windows Server 2008 R2. What should you do()
You install a standalone root certification authority (CA) on a server named Server1. You need to ensure that every computer in the forest has a copy of the root CA certificate installed in the local computer’s Trusted Root Certification Authorities store. Which command should you run on Server1()
Your network contains an Active Directory domain named contoso.com. Contoso.com contains a member server that runs Windows Serever 2008 Standart. You need to install an enterprise subordinate certification authority (CA) that support private key archival. You must achieve this goal by using the minimum amount of administrative effort.What do you do first()
Your network contains an Active Directory domain that has two sites. You need to identify whether logon scripts are replicated to all domain controllers. Which folder should you verify()
Your network contains an Active Directory forest. The forest contains two domain controllers. The domain controllers are configured as shown in the following table. All client computers run Windows 7. You need to ensure that all client computers in the domain keep the same time as an external time server. What should you do()
Your network contains an Active Directory domain named contoso.com. All domain controllers and member servers run Windows Server 2008. All client computer run Windows 7. From a client computer, you create an audit policy by using the Advanced Audit Policy Configuration settings in the Default Domain Policy Group Policy object (GPO). You discover that the audit policy is not applied to the member servers. The audit policy is applied to the client computers. You need to ensure that the audit policy is applied to all member servers and all client computers. What should you do()