Information Technology Reference
In-Depth Information
This section contains the solutions to the thought experiments and answers to the lesson
review questions in this chapter.
Objective 3.1: thought experiment
1.
Secondary zones provide fast and efficient lookups because they need updating only
when there are actual changes. They are local to the users who use them, reducing
network traffic. But they are a security concern because they have the full list of all
servers and clients in the zone, and they are located in what is often a less-secure
environ ment of the branch office. Other solutions that could be considered are stub
zones or conditional forwarders. Both would have a higher initial network traffic, but
local caching would quickly overcome that. Another possible solution is to consider
putting a Read-Only Domain Controller (RODC) at the branch offices. Doing so would
provide faster resource lookups with the Active Directory-integrated zones loaded as
read-only DNS records and also enable faster logons because logons wouldn't have to
authenticate to the main office.
This is a classic scenario for zone delegation. Create the zone delegations and give
limited admin privilege to someone in the Engineering group who can take control of
the process.
2.
Looking beyond just DNS zones, you might consider setting up an aggressive DNS
record aging and scavenging schedule to keep the zones from building up lots of dead
records. Also consider creating DHCP reservations for most or all the computers in
use. As the computers get repurposed and renamed, they continue to get the same IP
address and settings, which will simplify keeping track of machines. Also, if there's a lot
of full rebuild going on, this is a perfect fit for enabling Windows Deployment Services
(WDS) in the department.
3.
Objective 3.1: review
Correct answer:
C
1.
Incorrect
. You can't have both a zone file and a replication parameter.
A.
Incorrect
. You can't have both a zone file and a replication parameter, and the
replication is to the Forest, not the domain.
B.
Correct
. Creates a primary zone, replicated to the domain.
C.
Incorrect
. Creates a primary zone, but with Forest-wide delegation.
D.
