CST8200 - Windows Domain Administration Week 2

Questions and Answers

What is the primary purpose of the Domain Name System (DNS)?

• To resolve names to IP addresses and vice versa (correct)
• To convert IP addresses into binary codes
• To manage network traffic flow between computers
• To authenticate user credentials across networks

Which of the following services relies on DNS for secure connections?

• Network Address Translation
• Dynamic IP Addressing
• Certificate Authorities (correct)
• File Transfer Protocol

What is the first step a computer takes when attempting to resolve an IP address using DNS?

• Request information from the DNS resolver
• Check if the name is in the HOST file
• Check if the IP address is the local address (correct)
• Cache the name for future reference

What range of IP addresses defines localhost?

127.0.0.1 to 127.255.255.254 (C)

If a computer's own address and cache do not contain the required information, what is the next step it will take in the DNS resolution process?

Request information from the DNS resolver over UDP port 53 (D)

What must be true for a secondary zone to be created?

It must have the same name as an existing primary zone. (D)

Which statement about secondary zones is correct?

Secondary zones are read-only. (D)

What initiates a zone transfer between DNS servers?

A secondary server requesting the transfer. (A)

In zone transfer settings, which option allows a secondary server to attempt to renew its zone information?

Refresh interval (A)

How are traditional forwarders configured in DNS Manager?

By right clicking the server node and selecting Forwarders tab. (A)

What happens if multiple forwarders are specified in DNS configuration?

They are queried in the order listed. (B)

What is the effect of failing to contact the primary DNS server during a zone transfer?

The zone data is considered obsolete. (C)

Which of the following is NOT a method to configure how frequently zone transfers occur?

Update interval (C)

What is the primary function of the Domain Name System (DNS)?

To provide a hierarchical database of computer names and IP addresses (B)

Which type of DNS query involves the server processing the request until a definitive answer is found?

Recursive Query (A)

In DNS, what does the term 'zone' refer to?

A grouping of DNS information for domains and sub-domains (D)

Which type of DNS server holds a complete copy of a zone’s resource records?

Primary zone (C)

Which DNS resource record translates domain names to IP addresses?

A (C)

How can dynamic updates in DNS be configured?

Allow both secure and nonsecure updates (A), Only allow secure dynamic updates (C)

What is the main purpose of a Mail Exchanger (MX) record in DNS?

To locate the mail server for a domain (D)

What information does the Start of Authority (SOA) record contain?

Information about the primary server and operational properties of the zone (D)

What is the role of a Forwarder DNS server?

It forwards requests to other DNS servers when it cannot resolve them (D)

Which DNS record type is specifically used to map IP addresses back to hostname?

PTR (C)

What does a CNAME record do in DNS?

It provides an alias for another domain name (B)

What is the primary difference between an authoritative server and a caching-only server?

Caching-only servers don't hold zone information and only respond to queries (C)

What happens when a dynamic DNS record expires?

It is deleted from the DNS database (B)

Flashcards

DNS purpose

DNS translates names (like website addresses) to IP addresses (computer numbers).

DNS resolver

A computer program that talks to a DNS server to get IP address.

DNS resolution steps

Checking local IP, cache, HOST File, then DNS resolver (UDP port 53), if needed.

Localhost IP address

IP address range is 127.0.0.1 – 127.255.255.254. Represents the computer itself.

DNS Cache

A temporary memory store for recently looked up IP addresses to speed up future queries.

What is a domain name registry?

A database that stores all domain names and their associated registrant information for top-level domains (like .com, .org) on the internet.

What is a secondary DNS zone?

A read-only copy of a primary DNS zone that receives data from the primary zone through zone transfers.

How are secondary zones updated?

Changes made in the primary zone are transferred to secondary zones through automated processes.

Why are zone transfers important?

They ensure all DNS servers in the network have consistent and up-to-date information about domain names and their corresponding IP addresses.

What is a zone transfer refresh interval?

The time a secondary DNS server waits before requesting a new copy of the primary zone data.

What is the purpose of traditional DNS forwarders?

They act like intermediaries for resolving DNS queries for specific domains to other DNS servers.

What is a conditional forwarder?

A type of DNS forwarder that only directs queries for specific domains to specified DNS servers.

How does a DNS server prioritize query resolution?

First checks local cache, then searches the HOST file, then uses configured forwarders, and lastly performs recursive lookup on the internet if necessary.

DNS (Domain Name System)

A distributed, hierarchical database that maps computer names to IP addresses.

Distributed DNS

No single database holds all DNS data; information is spread across multiple servers.

Hierarchical DNS

DNS data is organized in a layered structure.

DNS Lookup

The process of converting a domain name to an IP address.

Iterative Query

A DNS lookup where each server provides information or guides the query to the next server.

Recursive Query

A DNS lookup where one server handles the entire query, asking other servers until it finds the answer.

DNS Zone

A grouping of DNS information for a domain or subdomain.

Resource Record

Data within a DNS zone, containing information about network resources (e.g., name, address).

Authoritative Server

A DNS server that holds the complete, official records for a zone.

Forward Lookup Zone

A zone that maps domain names to IP addresses.

Reverse Lookup Zone

A zone that maps IP addresses to domain names.

Primary Zone

Contains the master copy of resource records for a zone.

Secondary Zone

A read-only copy of a primary zone's records.

Dynamic Updates

Mechanism for automatically updating DNS records when resources change.

CNAME Record

An alias for another domain name in the DNS.

PTR Record

Maps an IP address to a hostname (found in reverse lookup zones).

Study Notes

CST8200 - Windows Domain Administration

• Course is taught by Denis Latremouille
• Week 2 topics include Windows Server, Case Study Review, DNS Install, Configure, Manage, and DNS Demo

Introduction to Domain Name System

• DNS is used to resolve names to IP addresses and vice versa
• Computers communicate with numbers, but people prefer names
• Many other services rely on DNS for various purposes
• Authentication and certificate authorities use DNS for security
• Dynamic DNS allows computers to locate each other even with dynamic IPs

DNS Order of Operations

• When a computer needs an IP address, it first checks
  • Localhost (127.0.0.1 - 127.255.255.254)
  • DNS cache
  • HOST file
• If not found, the computer requests the information from its DNS resolver over UDP port 53
• The DNS server handles the information exchange

Introduction to Domain Name System (Continued)

• DNS is a distributed hierarchical database of computer names and IP addresses
• No single database contains all data
• Finding an address requires querying multiple DNS servers within a hierarchy

DNS Naming Hierarchy

• A visual hierarchy (tree structure) of domains
• Top-level domains (TLDs) (e.g., .com, .edu)
• Second-level domains (e.g., microsoft.com, cengage)
• Subdomains (e.g., mdsn.microsoft.com, downloads.microsoft.com)

The DNS Database

• A zone is a grouping of DNS information for one or more domains and subdomains
• Zones contain resource records with information about network resources
• Resource records are identified by codes (e.g., A, AAAA, MX, NS)
• Examples of helpful analogies and explanations are provided via Youtube links

The DNS Lookup Process

• Two types of DNS lookups: iterative and recursive
• Iterative: the server returns the best match or a referral
• Recursive: the server continues the lookup until a response is found or a "don't know" message is returned
• DNS clients maintain static DNS entries

DNS Server Roles

• Authoritative servers hold complete zone copies
• Forwarders send unresolved requests to other servers
• Conditional forwarders target requests for specific domains
• Caching-only servers cache results after recursive lookups or forwarder requests

Configuring DNS

• Three key aspects: DNS zones (forward lookup, reverse lookup), DNS resource records, DNS server settings
• Various record types (e.g., A, NS, MX, CNAME, AAAA, PTR, SRV)

Forward and Reverse Lookup Zones

• Forward lookup zones (FLZ) translate names to IP addresses (e.g., A, AAAA, MX records)
• Reverse lookup zones (RLZ) map IP addresses to names (e.g., PTR records)

Zone Type

• Primary zones are read/write masters
• Secondary zones are read-only copies
• Stub zones contain only SOA and NS records for resolving NS records

Dynamic Updates

• Dynamic updates allow client computers to register and dynamically update their resource records with a DNS server
• Configurable options for secure, nonsecure, and no dynamic updates; security is emphasized

Creating DNS Resource Records

• Resource records can be created dynamically or statically
• Dynamic records created through a resource or DHCP server
• Static records created manually by an administrator or automatically by Windows

Host (A and AAAA) Records

• Used for mapping hostnames to IP addresses

Canonical Name (CNAME) Records

• Create aliases for other domain name records within the DNS database

Pointer (PTR) Records

• Resolve IP addresses to hostnames, primarily found in reverse lookup zones

Mail Exchanger (MX) Records

• Used by mail services to identify mail servers for a domain

Service Location (SRV) Records

• Specify hostname and port numbers for specific services, crucial for Active Directory operation

Creating Dynamic DNS Records

• Dynamic DNS records are created and updated by a DHCP server when an IP address is leased or renewed
• Time-to-Live (TTL) value specifies the duration a record remains in the DNS database; expired records are removed

Configuring DNS Zones

• DNS Manager allows viewing and changing zones
• Options include status, type, replication, dynamic updates, and aging

Start of Authority (SOA) Records

• SOA records contain fundamental information identifying the server responsible for a zone, along with operational parameters

Name Server (NS) Records

• Specify authoritative servers for a zone, including FQDN and IP addresses
• Glue records contain IP addresses for name servers
• Domain name registry holds information about domain names and registrants

Creating Secondary Zones and Configuring Zone Transfers

• Secondary zones are read-only copies of primary zones
• Changes are made on the primary server and then transferred to secondary servers

Zone Transfer Settings

• Zone transfers copy zone data between DNS servers
• Configuration options include refresh intervals, DNS notify methods and the like

Configuring Traditional Forwarders

• Traditional forwarders are configured to direct queries to external DNS
• Servers are queried sequentially in order. A root server is used if queried from a forwarder does not give a result.

Configuring Conditional Forwarders

• Conditional forwarders resolve queries from locally stored records, DNS cache, conditional forwarders, traditional forwarders, and recursively using root hints.

Monitoring and Troubleshooting DNS

• Troubleshooting involves understanding where DNS is used and monitoring or using tools like DNS Manager, dcdiag, dnscmd, PowerShell, Event Viewer, dnslint, nslookup, ping, ipconfig, etc. DNS problems frequently involve performance issues.