Question NO: 162
You are The Administrator of Your Company Network. The Relevant Portion of Its Configuration is shown
In the elibit.
DNS1 IS A Windows 2000 Server Computer Configured With A Standard Primary Zone. Qdns5 is a unix
Server configured with a secondary dns zone. qdns5 accepts zone Transfers from DNS1. The Client
Computers On Your Network Are Configured To Use DHCP To Obtain IP Addressing Information. The DHCP
Server IS configured to ssue the ip address of dns1 and qdns5 to client computers for name
RESOLUTION.
Users Report That Thei Sometimes Cannot Access Any Network Resources By Name. You Discover That THIS
Problem Occurs Only When DNS1 HAS Been Taken Offline for Maintenance.
You NEED TO ENSURE That Uses Can Resolve Names from qdns5 WHENEVER DNS1 IS UNAVAILABLE. What
SHOULD you do?
A. Instruct Your Internet Service Provider (ISP) To Configure QDNS5 To Kerberos Version 5 Client
Software.
B. Configure DNS Server Service on Dns1 To Allow Bind Secondary Servers.
C. Instruct Your Internet Service Provider (ISP) To Upgrade The DNS Server Software on QDNS5 with A
BIND 8.1 Compatible Implementation.
D. Configure DNS1 SO IT Does Not Require Secure Zone Transfers.
Answer: B
Explanation: The zone transces from dns1 to qdns5 is not working.
Bind Secondaries Determines WHETHER TO USE FAST TRANSFER FORMAT WHEN TRANSWERRING A ZONE TO DNS Servers
Running Legacy Berkeley Internet Name Domain (Bind) Implementations. by Default, All Windows-Based DNS
Servers Use A Fast Zone Transfer Format, Which Uses Compression and Can Include Multiple Records Per TCP
Message during a connected transfer. this format is also compatible with more real bind- based DNS Servers
That Run Versions 4.9.4 and Later. In this Scenario The ISP's DNS Server Does Not Appear To Support this, and Bindsecondaries Needs to be enabled.
INCORRECT ANSWERS:
A: there is no need for Kerberos Software ON A DNS Server.
C: We Should First Allow Bind Secondary Servers. This Would Allow Replication Traffic with Unix Bind
Version 4.9.4 or Later. There Should Be No Need To Upgrade QDNS5 To Bind 8.1.
D: The only second Zone TransferS Available Are Antive Directory Integrated Zone Transfers, And They Are Not
Used here.
