Home | Windows | Network | Interview Questions | Database | Virtualization | Knowledge Base | Contact Us

Quick Links

Windows 2003 KB

Windows 2008 KB

Windows 2012 KB

Exchange Q&A

Virtualization

Linux Interview Q&A

VM Interview Q&A

 

Network Interview Questions

SQL Interview Questions

Windows Admin Interview Q&A

Windows Forum

Other Links

DNS FAQ's

DHCP FAQ's

Active Directory FAQ's

AD History

Configuring New Domain

Deleted Object Recovery in AD

 

Global Catalog Server

NetDom Command

Replmon Command

NTDS Utility Guide

FSMO Guide

FSMO Failure

 

Network KB

Knowledge Base Home

Active Directory Trust

Group Policy Guide

IIS 6.0

RAID Levels

 

RPC Guide

Domain & Forest Functional Levels

SQL Failover Cluster

Hyper-V

Print Server

BitLocker

PowerShell

Planning Trust

Creating Trust

Windows Server 2008 DNS Interview Questions !

> What are the properties of DNS server?
INTERFACES, FORWARDERS, ADVANCED, ROUTINGS, SECURITY, MONITORING, LOGGING, DEBUG LOGGING.

> Properties of a Zone ?
General, SOA, NAMESERVER, WINS, Security, and ZONE Transfer.

> What is the 224.0.1.24 address used for ?
WINS server group address. Used to support auto discovery and dynamic configuration of replication for WINS servers. For more information, see WINS replication overview WINS server group address. Used to
support auto discovery and dynamic configuration of replication for WINS servers.

> Why do we need to "sign the root" ?
Recently discovered vulnerabilities in the DNS combined with technological advances have greatly reduced the time it takes an attacker to hijack any step of the DNS lookup process and thereby take over control of a session to, for example, direct users to their own deceptive Web sites for account and password collection. The only long-term solution to this vulnerability is the end-to-end-deployment of a security protocol called DNS Security Extensions – or DNSSEC.

> What is DNSSEC ?
DNSSEC is a technology that was developed to, among other things, protect against such attacks by digitally 'signing' data so you can be assured it is valid. However, in order to eliminate the vulnerability from the Internet, it must be deployed at each step in the lookup from root zone to final domain name (e.g., www.techievalley.com). Signing the root (deploying DNSSEC on the root zone) is a necessary step in this overall processii. Importantly it does not encrypt data. It just attests to the validity of the address of the site you visit.

> What is the "in-addr.arpa" zone used for?
In a Domain Name System (DNS) environment, it is common for a user or an application to request a Reverse Lookup of a host name, given the IP address. This article explains this process. The following is quoted from RFC 1035: "The Internet uses a special domain to support gateway location and Internet address to host mapping. Other classes may employ a similar strategy in other domains. The intent of this domain is to provide a guaranteed method to perform host address to host name mapping, and to facilitate queries to locate all gateways on a particular network on the Internet.

"The domain begins at IN-ADDR.ARPA and has a substructure which follows the Internet addressing structure. "Domain names in the IN-ADDR.ARPA domain are defined to have up to four labels in addition to the IN-ADDR.ARPA suffix. Each label represents one octet of an Internet address, and is expressed as a character string for a decimal value in the range 0-255 (with leading zeros omitted except in the case of a zero octet which is represented by a single zero).

"Host addresses are represented by domain names that have all four labels specified." Reverse Lookup files use the structure specified in RFC 1035.

For example, if you have a network which is 150.10.0.0, then the Reverse Lookup file for this network would be 10.150.IN-ADDR.ARPA. Any hosts with IP addresses in the 150.10.0.0 network will have a PTR (or 'Pointer') entry in 10.150.IN- ADDR.ARPA referencing the host name for that IP address. A single IN- ADDR.ARPA file may contain entries for hosts in many domains. Consider the following scenario. There is a Reverse Lookup file 10.150.IN-ADDR.ARPA with the following contents: Exp : 1.20 IN PTR WS1.ACME.COM.

Continue Next Questions

          

Previous Questions

HTML Comment Box is loading comments...

Windows Home || Network Home || Database Home


Designed by TechieBird