2013 Latest MCTS 70-642 Exam Questions 21-25
You need to create a sender policy framework (SPF) record for the e-mail servers on your network.
Which type of resource record should you create? A. Alias (CNAME)
B. Host Information (HINFO)
C. Signature (SIG) D. Text (TXT)
Correct Answer: D
Correct answer(s): D
Authenticating Outbound E-Mail:
Domain holders need to complete an inventory and publish all IP addresses of their outbound e- mail servers in the DNS zone file. This is an administrative step that requires no changes to an organization’s e- mail or DNS software. Even if your domain has no outbound e-mail servers, you can help protect your domain from spoofing by publishing an SPF record in the DNS that states this. Follow the steps below to create and publish an SPF record for each domain name that your organization owns.
1. Determine the IP addresses of the outbound e-mail servers for the domain.
2. Identify the e-mail servers that transmit outbound e-mail for all of the domains and subdomains in your organization, as well as the IP addresses for these servers. You will need to publish a Sender ID record for each of them. If your organization uses any third parties to send e- mail on its behalf, such as an e-mail service provider or a hoster, you will also need to know their domain names. However, you do not need to know the IP addresses of their outbound e-mail servers. (You may want to encourage them to publish Sender ID records for their own domains.)
3. Create the SPF record. You can use the Sender ID Wizard described in this document to make it easier. (See www.microsoft.com/senderid/wizard.) Note You must create a separate SPF record for each domain and subdomain that sends e-mail for you. It is possible for several domains to share the same Sender ID record.
4. After you have created the SPF records for your organization, publish them in DNS TXT records. You may need the assistance of your DNS administrator, Web hoster, or registrar.
5. Ensure that your domain can be correctly identified as the purported responsible domain (PRD) for each message you send. This means that the sender’s domain must be shown in certain headers of the e-mail message. Sender ID has been carefully designed to ensure that most legitimate e-mailers, remailers, and mailing list operators already satisfy this requirement. In a few cases, such as mail forwarding services, you may need to add additional headers to e-mail messages.
Your network contains an Active Directory forest named fabrikam.com. The forest contains a DNS server named Server1. You need to configure Server1 to resolve single-label names.
What should you do?
A. Create a DNS zone named GlobalNames. Run dnscmd.exe and specify the Config parameter.
B. Create a DNS zone named GlobalNames. Run dnscmd.exe and specify the CreateDirectoryPartition parameter.
C. Create a DNS zone named RootNames. Run dnscmd.exe and specify the CreateDirectoryPartition parameter.
D. Create a DNS zone named RootNames. Run dnscmd.exe and specify the Config parameter.
Correct Answer: A
Correct answer(s): A
Deploying a GlobalNames zone
The specific steps for deploying a GlobalNames zone can vary somewhat, depending on the AD DS
topology of your network.
Step 1: Create the GlobalNames zone
The first step in deploying a GlobalNames zone is to create the zone on a DNS server that is a domain controller running Windows Server 2008. The GlobalNames zone is not a special zone type; rather, it is simply an AD DS-integrated forward lookup zone that is called GlobalNames. For information about creating a primary forward lookup zone, see Add a Forward Lookup Zone.
Step 2: Enable GlobalNames zone support
The GlobalNames zone is not available to provide name resolution until GlobalNames zone support is explicitly enabled by using the following command on every authoritative DNS server in the forest:
where ServerName is the DNS name or IP address of the DNS server that hosts the GlobalNames zone. To specify the local computer, replace ServerName with a period (.), for example, dnscmd . /config / enableglobalnamessupport 1.
Step 3: Replicate the GlobalNames zone
To make the GlobalNames zone available to all DNS servers and clients in a forest, replicate the zone to all domain controllers in the forest, that is, add the GlobalNames zone to the forest-wide DNS application partition. For more information, see Change the Zone Replication Scope.
If you want to limit the servers that will be authoritative for the GlobalNames zone, you can create a custom DNS application partition for replicating the GlobalNames zone. For more information, see Understanding DNS Zone Replication in Active Directory Domain Services.
Step 4: Populate the GlobalNames zone
For each server that you want to be able to provide single-label name resolution for, add an alias (CNAME) resource record to the GlobalNames zone. For more information, see Add an Alias (CNAME) Resource Record to a Zone.
Step 5: Publish the location of the GlobalNames zone in other forests
If you want DNS clients in other forests to use the GlobalNames zone for resolving names, add service location (SRV) resource records to the forest-wide DNS application partition, using the service name
_globalnames._msdcs and specifying the FQDN of the DNS server that hosts the GlobalNames zone. For more information, see Add a Resource Record to a Zone and Service Location (SRV) Resource Record Dialog Box.
In addition, you must run the dnscmdServerName/config /enableglobalnamessupport 1 command on every authoritative DNS server in the forests that do not host the GlobalNames zone.
Your company uses Active Directory-integrated DNS. Users require access to the Internet. You run a network capture.
You notice the DNS server is sending DNS name resolution queries to a server named f.root- servers.net. You need to prevent the DNS server from sending queries to f.root-servers.net. The server must be able to
resolve names for Internet hosts.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.) A. Enable forwarding to your ISP’s DNS servers.
B. Disable the root hints on the DNS server.
C. Disable the netmask ordering option on the DNS server.
D. Configure Reverse Lookup Zones for the IP subnets on the network.
Correct Answer: AB
Correct answer(s): A, B
Your company has a single Active Directory forest that has six domains. All DNS servers in the forest run
Windows Server 2008 R2.
You need to ensure that all public DNS queries are channeled through a single-caching-only DNS server. Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A. Disable the root hints.
B. Enable BIND secondaries.
C. Configure a forwarder to the caching DNS server.
D. Configure a GlobalNames host (A) record for the hostname of the caching DNS server.
Correct Answer: AC
Correct answer(s): A, C
Contoso Ltd. has a single Active Directory forest that has five domains. Each domain has two DNS servers. Each DNS server hosts Active Directory-integrated zones for all five domains. All domain controllers run Windows Server 2008 R2.
Contoso acquires a company named Tailspin Toys. Tailspin Toys has a single Active Directory forest that contains a single domain.
You need to configure the DNS system in the Contoso forest to provide name resolution for resources in both forests.
What should you do?
A. Configure client computers in the Contoso forest to use the Tailspin Toys DNS server as the alternate
B. Create a new conditional forwarder and store it in Active Directory. Replicate the new conditional forwarder to all DNS servers in the Contoso forest.
C. Create a new application directory partition in the Contoso forest. Enlist the directory partition for all
D. Create a new host (A) record in the GlobalNames folder on one of the DNS servers in the Contoso forest. Configure the host (A) record by using the Tailspin Toys domain name and the IP address of the DNS server in the Tailspin Toys forest.
Correct Answer: B
Correct answer(s): B
Download Ensurepass Latest 2013 MCTS 70-642 Real Exam Questions , help you to pass exam 100%.