1.You are configuring a Windows 2000 DNS Server on your company network. The network consists of
one Windows NT domain.

You already have DNS installed on a Windows NT Server on the Windows NT domain. You want to use
dynamic updates on a DNS database, but company management will not allow an upgrade or
decommission of the Windows NT DNS server. All DNS information must be synchronized between the
two DNS servers.

What do you do to accomplish these goals? (Choose three)


A. Create a standard primary zone on a Windows 2000 DNS Server and import the existing zone file.
B. Create a standard secondary zone on a Windows 2000 DNS Server.
C. Delete and re-create the primary zone on the NT DNS Server.
D. Delete the existing zone and create a new secondary zone on the NT DNS Server.
E. Configure the primary zone on the NT DNS Server as the master zone for
the secondary zone on the Windows 2000 DNS Server.
F. Configure the secondary zone on the NT DNS Server to use the Windows 2000 Standard primary zone
as its master zone.

Answer: A, D, F

<table border="1" cellpadding="1" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
  <tr>
    <td width="50%">
    <p align="left"><b>Explanation:</b><br> 

A: Dynamic updates are a new feature of Windows 2000 DNS. They are not supported by NT DNS. To
enable dynamic updates we need to create a primary DNS zone on the Windows 2000 server. A secondary
zone will not do because only the primary DNS zone is updateable. We can import the zone data from the
NT server to avoid having to create a new zone file.<br>

D: We need to delete the primary zone on the NT server and create a secondary zone. The NT server must
have a secondary zone to enable the server to transfer zone files from the now primary Windows 2000
server.<br>

F: We can now set the secondary zone on the NT server to use the primary zone on the Windows 2000 server.
The Windows 2000 DNS zone will be dynamically updated. The new information will then be replicated to
the Windows NT Server.<br>

</td>
    <td width="50%">
    <p align="left"><b>Incorrect answers:</b>
<br>

B: The Windows 2000 server must have a primary zone to support dynamic updates, as only a primary zone is
updateable. Furthermore, the primary zone must reside on the Windows 2000 computer because Windows
NT Server does not support dynamic updates.<br>

C: The primary zone must reside on the Windows 2000 computer because Windows NT Server does not
support dynamic updates. We thus cannot delete and recreate the primary zone on the Windows NT Server.<br>

E: The primary zone must reside on the Windows 2000 computer because Windows NT Server does not
support dynamic updates. Furthermore, the Windows NT Server requires a secondary zone to pull DNS
information from the Windows 2000 server. A primary zone cannot pull zone data from a secondary zone.
</td>
  </tr>
</table>




2.You are the administrator of your company’s network. The network consists of one Windows 2000
domain that spans multiple subnets. You are configuring DNS for hostname resolution throughout the
network.

You want to achieve the following goals:
• DNS zone transfer traffic will be minimized on the network.
• Administrative overhead for maintaining DNS zone files will be minimized.
• Unauthorized host computers will not have records created in the zone.
• All zone updates will come only from authorized DNS servers.
• All zone transfer information will be secured as it crosses the network.

You take the following actions:
• Create an Active Directory integrated zone.
• In the Zone Properties dialog box, set the Allow Dynamic Updates option to Yes
• On the Name Servers tab of the Zone Properties dialog box, enter the names and addresses of all DNS
servers on the network.
• On the zone transfers tab of the zone properties dialog box, select the Allow Zone transfers only to the
servers listed on the Name servers tab option

Which result or results do these actions produce? (Choose all that apply)

A. DNS zone transfer traffic is minimized on the network.
B. Administrative overhead for maintaining DNS zone files is minimized.
C. Unauthorized host computers do not have records created in the zone.
D. All zone updates come only from authorized DNS servers
E. All zone transfer information is secured as it crosses the network.

Answer: A, B, D, E


<table border="1" cellpadding="1" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
  <tr>
    <td width="50%">
    <p align="left"><b>Explanation:</b><br> 

A: Active Directory integrated zones use IXFR, which are incremental transfers. This means that only the
records that have changed since the last replication are replicated. This makes the replication of Active
Directory integrated zones more efficient because the whole zone file is replicated during standard primary
zone replication.<br>

B: Dynamic updates is the process of a client computer updating it is own record in the DNS zone file. This
will prevent the need to manually enter records in the DNS zone.<br>

D: Selecting the “Allow Zone transfers only to the servers listed on the Name servers tab” option prevents
unauthorized servers from updating the zone. Dynamic updates have been enabled.<br>

E: Active Directory DNS zones replicate their data as part of Active Directory replication. Active Directory
replication uses a secure RPC channel to replicate data.<br>

</td>
    <td width="50%">
    <p align="left"><b>Incorrect answers:</b>
<br>

C: The “Only Secure Updates" option must be selected to be sure that no unauthorized DNS records are created
in the zone. Secure updates specify that only users, groups or computers that have been granted the right to
write to the zone or record have the ability to update the record.

</td>
  </tr>
</table>




3.You are the administrator of a Windows 2000 network for Miller Textiles. The network configuration is
shown in the exhibit..<br>

<img border="0" src="./70-217/pic/q3.JPG" width="559" height="439"></p>


The millertextiles.com domain is hosted on Server1 as an Active Directory integrated zone, and on
Server3 as a secondary zone.

All the client computers on Segment B are Windows 2000 Professional computers. All the client
computers on Segment A are down-level client computers. All the client computers use DHCP.

You share some network resources on several of the client computers on Segment A. Several days later
you attempt to connect to those shared resources from client computers running on segment B, but you
are unable to resolve the host names of client computers on Segment A.

How should you correct this problem?

A. On the DHCP server, set the DNS Domain Name scope option to millertextiles.com.
B. On Server1 for the millertextiles.com zone, change the value of Allow Dynamic Updates from the
default settings to Yes.
C. Configure the millertextiles.com domain to allow zone transfers to all the computers on the network.
D. On server2, enable updates for DNS clients that do not support dynamic
updates.

Answer: D


<table border="1" cellpadding="1" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
  <tr>
    <td width="50%">
    <p align="left"><b>Explanation:</b><br> 

When a client on Segment B wants to access a shared resource on a computer on Segment A, it
must first resolve the host name of the computer on Segment A to an IP address. This type of name resolution is
performed by DNS. In this scenario, however, the clients are unable to resolve the host names to IP addresses
because there are no entries in the DNS for the clients on Segment A. The clients on Segment A are down-level
clients and are therefore unable to update DNS with information about the resources and services running on the
machines. This problem can be overcome by manually entering the appropriate records in the DNS zone, or by
configuring the DHCP server to update the records for the down-level clients. Enabling Server2, which is the
DHCP server, to update DNS for the clients will enable the clients on Segment B to resolve their host names.

</td>
    <td width="50%">
    <p align="left"><b>Incorrect answers:</b>
<br>

A: The millertextiles.com domain is hosted on Server1 as an Active Directory integrated zone, and on Server3
as a secondary zone. Therefore, the DNS Domain Name scope option is set to millertextiles.com on the
DHCP server. This will therefore not update the DNS zones for the down-level clients. We should instead
configure the DHCP server to update the records for the down-level clients.<br>

B: Server1 has an Active Directory integrated zone, which would require that the value of Allow Dynamic
Updates be set to Yes. As an Active Directory integrated zone, this option is already set. This will therefore
not update the DNS zones for the down-level clients. We should instead configure the DHCP server to
update the records for the down-level clients.<br>

C: Configuring the millertextiles.com domain to allow zone transfers to all the computers on the network will
not affect the down-level client’s ability to update DNS. To enable the down-level clients to update DNS we
should configure the DHCP server to update the records for the down-level clients.

</td>
  </tr>
</table>


4.You are the administrator of a Windows 2000 network. Your network consists of five sites in one domain.
The Chicago, Los Angeles, and New York sites will have DNS running on their Domain Controllers.
Miami and Seattle will have DNS running on dedicated member servers.

You want to allow client computers in the Chicago, Los Angeles, and New York sites to perform secure
dynamic updates to the DNS server. You want to configure your DNS servers so that each site has a
replicated copy of the DNS zone.

What should you do?

To answer, click the Select and Place button, and then drag the appropriate zone type to each site. (Note:
zone types can be used more than once)<p>
<img border="0" src="./70-217/pic/q4.JPG" width="559" height="401"></p>


A.<b>Chicago</b>: Active Directory integrated zone.<br> 
<b>Los Angeles</b>: Active Directory integrated zone.<br> 
<b>Miami</b>: Secondary zone.<br> 
<b>New York</b>: Active Directory integrated zone.<br> 
<b>Seattle</b>: Secondary zone.



Answer: A

<img border="0" src="./70-217/pic/a4.JPG" width="559" height="374"></p>

<table border="1" cellpadding="1" cellspacing="1" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
  <tr>
    <td width="50%">
    <p align="left"><b>Explanation:</b><br> 

<b>Chicago</b>: Active Directory integrated zone. Only Active Directory integrated zones support secure updates.
Primary and secondary zones do not support secure updates. Cache only zones only keep records that have
been resolved by passing the DNS query to a primary, secondary or Active Directory integrated zone.<br> 

<b>Los Angeles</b>: Active Directory integrated zone. Only Active Directory integrated zones support secure
updates. Primary and zones do not support secure updates. Cache only zones only keep records that have been
resolved by passing the DNS query to a primary, secondary or Active Directory integrated zone.<br> 

<b>Miami</b>: Secondary zone. A secondary zone is required for full zone replication. The question states a
requirement for each location to have a full copy of the zone files. Only a secondary zone can receive a full
copy of a zone file from a primary or Active Directory integrated zone.<br> 

<b>New York</b>: Active Directory integrated zone. Only Active Directory integrated zones support secure
updates. Primary and zones do not support secure updates. Cache only zones only keep records that have been
resolved by passing the DNS query to a primary, secondary or Active Directory integrated zone.<br> 

<b>Seattle</b>: Secondary zone. A secondary zone is required for full zone replication. The question states a
requirement for each location to have a full copy of the zone files. Only a secondary zone can receive a full
copy of a zone file from a primary or Active Directory integrated zone.

</td>
  </tr>
</table>















<img border="0" src="./70-217/pic/Q4.JPG" width="879" height="362"></p>