1. Your company uses an Internet domain of westsim.com.

Your network also has a single Active Directory domain

named westsim.local. You manage your network's DNS servers for thewestsim.com zone and the westsim.local zone. All
Domain Name Service (DNS) servers on your network run Windows Server 2012 R2.

Your company's Asia division wants its own Internet namespace, and wants to manage its own DNS servers. The division will
use asia.westsim.com as its Internet domain name.
You want to minimize administrative effort and communication between the two divisions as the Asia division installs DNS
servers. To support this goal, you need to make appropriate configurations on the DNS servers that you manage.
What should you do?

o Create an NS record in the westsim.com zone for each asia.westsim.com authoritative DNS server.

o Integrate the asia.westsim.com zone into Active Directory.

o Create and configure a stub zone named asia.westsim.com.

o Add the first Asia division DNS server as a forwarder for the westsim.com zone.

Use a stub zone to provide quick access to the name server list and to provide a method of keeping the name
server list updated without replicating zone data. Create the stub zone on the parent zone. NS records in the stub
zone will be kept up-to-date automatically through zone transfers from a master server that is authoritative for
the asia.westsim.com zone.

Manually adding NS records to the westsim.com zone for each asia.westsim.com authoritative DNS server
requires network administrators for the asia.westsim.com zone to notify you of each new DNS server installed.

2. You manage a network with a main office and one branch office. Each office has its own Internet connection, and the two
offices are connected with a WAN link.

All computers in the main office are members of the westsim.private domain. All computers in the branch office are members
of the tulsa.westsim.private domain.
The DNS1 server in the main office holds a primary zone for the westsim.private domain, while the DNS2 server in the branch
office holds the primary zone for the tulsa.westsim.private domain.
Clients in the branch office are able to resolve hostnames for the tulsa.westsim.private domain and for all Internet hosts.
However, they cannot resolve hostnames for hosts in the westsim.privatedomain.
You need to allow hosts in the branch office to resolve names for hosts in the main office, while still allowing Internet name
resolution and minimizing WAN traffic.
What should you do?

In this scenario, you want westsim.private name requests to be sent to DNS1, with all other Internet
requests sent to the root hint servers on the Internet. To accomplish this, configure a conditional forwarder for
the westsim.private domain on DNS2 that uses the DNS1 server.

If you configure DNS1 as a forwarder for DNS2 and disable root hints, all name resolution requests for non-
authoritative zones directed to DNS2 will be forwarded to DNS1. This means that all requests for Internet
hosts will be forwarded to DNS1 across the WAN link.
 Deleting root hints on DNS2 would disable the ability to resolve Internet hosts unless a forwarder is
configured. Adding a root zone to DNS1 would disable Internet name resolution on DNS1.

3. You are a systems administrator for WestSim Corporation. As part of a new security initiative, the IT department has
developed a custom application that reports the host name of all clients that try to access three sensitive servers in the
Accounting department. The application has been working fine for the last three months.

The company expands and adds a new building with a LAN connection to the rest of the network. This building has its own
subnet, 192.168.5.0. You create a scope on an existing DHCP server for this subnet.
During a random check of the reporting software, you discover that the application reports only the IP address but not the host
name for clients on the new subnet. Everything works as designed for hosts on other subnets. You check the DNS database
and find that none of the hosts on that subnet have an associated PTR record.
What should you do?

Create a secondary reverse lookup zone for subnet 192.168.5.0.

Create a primary reverse lookup zone for subnet 192.168.5.0.

Manually create PTR records for each host on the subnet.

Add a HOSTS file to the server running the reporting software.

Manually create CNAME records for each host on the subnet.

You need to create a primary reverse lookup zone for the new subnet. The custom application uses the reverse
lookup zone to find the host name for a given IP address. By default, Windows clients register their A (host) record,
while the DHCP server registers the PTR (pointer) record. However, the reverse lookup zone must exist in the DNS
database before the DNS server can create the PTR record.

4. You administer a branch office connected to the main headquarters with a WAN link. Servers in the branch office provide
DNS and DHCP services. The company network has multiple domains, with a single domain representing the branch office.

A DNS server called DC1 at the branch office holds the primary zone for the branch domain but holds no other zone files. DNS
servers at headquarters provide name resolution for hosts in other domains.
One day, you come to work to find a number of customer service complaints. They all report something similar--clients can
resolve local host names, but cannot resolve host names for other domains on the network.
You contact the enterprise administrator and are told that the IP address for the DNS server that was being used previously as
a forwarder for the branch office has been changed to 10.155.11.15.
What should you do to fix the problem?
 Configure DC1 to forward name resolution requests to 10.155.11.15.

Modify the DHCP scope properties so that clients use 10.155.11.15 for name resolution.

Manually configure each client to use 10.155.11.15 for name resolution.

Configure DC1 as a caching-only server.

Change the primary zone on DC1 to an Active Directory integrated zone.

DC1 is configured to use forwarders. It sends unresolvable host name requests to a DNS server at headquarters.
The IP address for this server has changed. To fix the problem, modify the configuration of DC1 to identify
10.155.11.15 as a forwarder.
Changing network clients to use 10.155.11.15 for name resolution would mean that all name resolution requests
would be sent across the WAN link. Clients should submit name resolution requests to DC1. If DC1 cannot resolve
the name, it forwards the request to the appropriate server.

5. Your network has a single domain named southsim.com. All client computers run Windows 7 or Windows 8

DNS data for the domain is stored on the following servers:

DNS1 holds the primary zone for southsim.com.
DNS2 and DNS3 hold secondary zones for southsim.com.
All three DNS servers are located on domain controllers. The DNS zone for the domain is configured to allow dynamic updates.
You want to allow client computers to send DNS updates to any of the three servers, and allow any of the three servers to
update DNS records in the zone.
What should you do?

On the primary zone, change the settings so that the two secondary servers are notified when the zone is

updated.

On all three servers, change the zone type of the DNS zone to Active Directory integrated.

On the primary zone, change the settings to allow zone transfer to only the two secondary servers.
 On the primary zone, change the dynamic update option to allow only secure updates.

In the current configuration, only the DNS1 server has a writeable copy of the zone database. To allow any DNS
server to accept updates and make changes, convert all zones to Active Directory integrated zones. Active
Directory integrated zones support multi-master updates (updates originating at any domain controller in the
domain).
Notifying secondary servers of zone changes reduces the time delay in updating the copy of the zone file stored on
the secondary servers. Allowing zone transfers to only listed servers improves security by preventing unidentified
servers from getting a copy of the zone information. Allowing secure updates only is only possible on an Active
Directory integrated zone. None of these options by themselves allow multiple servers to update the zone
database.

6. You are the systems administrator for WestSim Corporation. You have been assigned to set up a new branch office in Tulsa.
The branch will be represented by a single domain.

You install a single DNS server called TulsaDNS and configure a primary zone for the branch office domain.
You test name resolution and find that hosts can only resolve names for hosts within the domain. You need to enable clients in
the Tulsa location to resolve names for hosts in other domains within your private network. You would like to minimize traffic
across the WAN link between the sites.
What should you do?

Configure TulsaDNS with root hints.

Configure TulsaDNS to use forwarders.

Configure network clients to use a DNS server located on the rest of the network.

Configure TulsaDNS as a caching-only server.

Configure TulsaDNS to use forwarders. When TulsaDNS receives a request for a hostname on another domain, it
forwards the request to another DNS server. The TulsaDNS server submits a recursive request so that only the
single request and response travels across the WAN link.
Configuring TulsaDNS with root hints pointing to root servers on the rest of the network would enable name
resolution. However, TulsaDNS would refer to the root zone servers and perform iterative queries to resolve all host
names outside of its own domain. This would result in multiple requests crossing the WAN link to resolve a single
host name.
Configuring TulsaDNS as a caching-only server would increase WAN link traffic, as the domain for the Tulsa
location would need to be placed on the other side of the WAN link. Name resolution requests for hosts within the
domain in Tulsa would need to cross the WAN link once for each host until the server cached the host names of all
other hosts.
7. You are a network engineer for a new company. The company will have offices in Denver, Atlanta, and Phoenix. All sites will
be connected using wide area network (WAN) connections. The company will have a private network based on two Active
Directory domains. All servers, including domain controllers, will run Windows Server 2012 R2. All servers will be members of
an Active Directory domain.

The company's research department will be located in Phoenix and will have its own Active Directory domain
named research.corp.westsim.com. No other departments will be located in Phoenix. All other departments will be located in
Denver or Atlanta and will be part of an Active Directory domain named corp.westsim.com.
According to the Active Directory design, all research.corp.westsim.com domain controllers will be located in Phoenix.
Domain controllers for the corp.westsim.com domain will be located in Denver and Atlanta. Each company site will have at
least one DNS server running on an Active Directory domain controller. All DNS servers will be on DCs.
You are designing zone configuration requirements for the company's DNS zones. As part of your security plan, you must
minimize the possibility of DNS data be incorrectly modified by unauthorized servers that are impersonating actual servers.
What should you do? (Choose two. Each correct choice is part of the solution.)

Integrate all zones into Active Directory.

On each DNS server, disallow all zone transfers.

Enable secure dynamic updates on all zones.

Create an IPSec tunnel between any two DNS servers which host identical zones and participate in zone transfers

with each other.

On the master DNS server for each zone, restrict zone transfers to the IP address of known slave DNS servers for

the zone.

The best action for preventing server impersonation is to configure your zones to use secure dynamic updates.
When secure dynamic updates are required, the DNS server only lets computers with Write permission to the DNS
record update the record. By default, the Creator Owner (the computer that originally created the record) has this
permission. You must integrate your zones into Active Directory to enable secure dynamic updates.
Although it is possible that unauthorized updates could be made to DNS through zone transfers, this is less likely. In
any case, by integrating your zones into Active Directory, you also protect DNS from unauthorized changes made
through zone transfer.
8. You are the network manager for the westsim.private domain. The SRV1 server runs all file and print services for the
network. In the DNS database, it has an A record that mapssrv1.westsim.private to the IP address of 192.168.16.10.

You want to create a PTR record that maps the IP address to the hostname.
In which zone should you create the record?
 192.168.16.ip4.arpa

192.168.16.in-addr.arpa

westsim.private

16.168.192.in-addr.arpa

16.168.192.ip4.arpa

To create a PTR record that maps an IP address to a hostname, create the PTR record in the corresponding
reverse lookup zone. For IPv4 addresses, the zone name will be the reverse of the subnet portion of the address, in
this example 16.168.192.in-addr.arpa.

A records that map hostnames to IP addresses are created in the forward lookup zone, in this
examplewestsim.private. IPv6 pointer records are created in zones that end in ip6.arpa.

9. The image shows the current scavenging settings for the eastsim.com domain. As you check records in the zone, you find
several records that have not been updated for 16 days or longer. You need to make sure that records are automatically
removed if they have not been updated in the last 14 days.

What should you do?

Decrease the no-refresh interval setting.

Decrease the refresh interval setting.

Enable automatic scavenging on the zone.

Increase the refresh interval setting.

Based on the current settings, records are being marked as stale after 14 days have elapsed. However, stale
records are not being removed. To remove stale records, you must manually initiate scavenging or enable
automatic scavenging on the zone.
The no-refresh interval specifies a time period where updates to DNS records are not allowed. After this time
period, the record can be updated for the period of time specified by the refresh interval. In this example, after 7
days the record can be updated, and after an additional 7 days (14 days total), the record is marked as stale and is
a candidate for scavenging. Scavenging only removes stale records that have not been updated after the refresh
interval has expired.
Decreasing the no-refresh interval or the refresh interval values will decrease the period of time before a record is
marked as stale, but will not automatically initiate scavenging.

10. The image shows the current scavenging settings for the eastsim.com zone. Automatic scavenging has been configured
on the zone to run every hour.

You want to modify the existing settings so that DNS records are deleted within 10 days after they have not been refreshed.
What should you do?

[A]

Set the refresh interval to 3.

Set the no-refresh interval to 1 and the refresh interval to 10.

Set the no-refresh interval to 10.

Set the refresh interval to 10.

To configure the server so that resource records are deleted after they have not been refreshed for 10 days,
change the no-refresh interval and the refresh interval so that the combined value is 10 days. In this scenario,
the only valid option is to modify the refresh interval to 3.
The no-refresh interval identifies the period of time that a record is considered valid. When the no-refresh interval
expires, the record can be updated. After the refresh interval expires, the record is considered stale, and can be
scavenged (removed).
Note: The refresh interval should be longer than the refresh interval for individual records. By decreasing this value
to 3, you might need to decrease the refresh interval of individual records in the zone so they are updated within the
refresh interval for the zone

11. You manage the DNS servers for the eastsim.com domain.

You company has just acquired a competitor. The competitor network uses a single domain namedwidgets.local. The new
company is located in Denver. You connect your site to the Denver location using a WAN link.
You want computers in your location and domain to be able to resolve names for computers in thewidgets.local domain. You
want to minimize zone transfer traffic, but you also want to make sure that changes to name servers in the Denver location to
not disrupt name resolution.
You need to configure your DNS servers in the eastsim.com domain. What should you do?

Configure a stub zone to widgets.local.

Configure the DNS server in your location with a conditional forwarder for widgets.local.

Configure a zone delegation to the widgets.local domain.

Configure a secondary zone for widgets.local on a DNS server in your location.

To minimize zone transfer traffic while keeping the name server list updated, configure a stub zone. The stub zone
replicates only the NS and A records from the target zone. This allows the DNS server to locate an authoritative
name server for the target domain.
Using a secondary zone, all zone data is copied. While this results in a reduction in WAN traffic for DNS name
requests, it means an increase in WAN traffic for zone transfers. A stub zone has much less WAN traffic for zone
transfers because only the NS and A records for the name servers are transferred.
Using a conditional forwarder eliminates zone transfer traffic, but does not keep the name server list updated. Use a
zone delegation to delegate part of your domain name space to another location.

12. You administer a branch office connected to the main headquarters with a T-1 line. Servers in the branch office provide
DHCP services. DNS servers at headquarters host Active Directory integrated zones to provide name resolution throughout the
company.

You want to improve name resolution performance for hosts in the branch office. You get permission to install a DNS server in
the branch office. You want the server in the branch office to hold as much of the zone information as possible, but you are
instructed that the server must not host editable copies of the zone files.
How should you configure the DNS server in the branch office?
The best solution would be to configure a secondary zone on the DNS server at the branch office. The server
would receive its data from the Active Directory integrated zone at headquarters. Secondary zones are read-only
copies of other zones.

You could configure a caching-only server. However, this would not provide as much of a performance gain
because the server would not have a copy of the zone file. A primary zone would not replicate data from another
source, and would be an editable copy of the zone database. An Active Directory integrated zone would hold an
editable copy of the zone database.

13. Your Active Directory network uses an internal DNS namespace of private.westsim.com. Several other Active Directory
domains also exist, which are children to the private.westsim.comdomain. On the Internet, your company
uses westsim.com for its public domain name.
Your company manages its own DNS servers that are authoritative for the westsim.com zone. Theprivate.westsim.com zone
has been delegated to your company's Active Directory domain controllers, which are also DNS servers.
Computers that are members of the private.westsim.com domain and all child domains must be able to resolve DNS names
of Internet resources. However, to help secure your network, DNS queries for resources in the private.westsim.com domain
and all child domains must never be sent to Internet DNS servers. Queries for Internet names must go first to your public DNS
server that is authoritative for the westsim.com domain. You need to configure your company's DNS servers to meet these
requirements.
What should you do? (Choose two. Each correct choice is part of the solution.)

Delete root hints to Internet DNS servers on all DNS servers that are authoritative for

theprivate.westsim.com zone or any child zone.

On all DNS servers that are authoritative for the private.westsim.com zone or any child zone, create a

forwarders list. Forward to DNS servers that are authoritative for the parent zone.

On all DNS servers that are authoritative for the westsim.com zone or any child zone, create a forwarders list.

Forward to DNS servers that are authoritative for the child zone.

Configure root hints to Internet DNS servers on all DNS servers that are authoritative for

theprivate.westsim.com zone or any child zone.

Delete root hints to Internet DNS servers on all DNS servers that are authoritative for the westsim.comzone.

To prevent private.westsim.com DNS servers from contacting Internet DNS servers directly, delete root hints to
Internet servers on all DNS servers that are authoritative for the private.westsim.com zone or any child zone.
Instead, forward all unresolved DNS requests to parent zone DNS servers.
Requests that get forwarded to westsim.com DNS servers will not be related to the private namespace.
Therefore, it is safe to configure root hints to Internet DNS servers on these DNS servers.

14. You are the administrator for the Creative Designs company. The network uses a single domain named cdesign.com. A
single domain controller (CDDC1) holds an Active Directory-integrated zone and provides DNS services.

Recently, your company purchased a competitor company, Design Limited, Inc. Their network uses a single domain
named dlimitinc.com, with a single domain controller (DLIDC1) holding an Active Directory-integrated zone.
Domains for each company are currently in different forests.
You connect the Creative Designs location to the Design Limited location with a T-1 line.
You want to enable hosts at the Creative Designs location to be able to resolve host names for hosts in
the dlimitinc.com zone. You need to minimize hardware costs while maximizing DNS performance.
How should you configure the CDDC1 server at the Creative Designs location to enable clients to resolve names at Design
Limited, Inc.?

Create an Active Directory integrated zone of the dlimitinc.com zone on CDDC1.

Create a primary zone of the dlimitinc.com zone on CDDC1.

Configure the IP address for DLIDC1 as a forwarder for CDDC1.

Create a secondary zone of the dlimitinc.com zone on CDDC1.

Create a secondary of the dlimitinc.com zone on CDDC1. This places zone data close to the users. DNS
requests originating from Creative Designs can be resolved by a local server without the request going across the
WAN link.
Configuring DLIDC1 as a forwarder for CDDC1 would provide name resolution, but would result in all name
resolution requests crossing the WAN link. Using a secondary zone minimized WAN traffic.
Active Directory-integrated zones are not replicated across forest boundaries, and by default are only replicated
within the same domain. Creating a primary zone for dlimitinc.com would make the CDDC1 server think it was
authoritative for the zone, and records stored on the DLIDC1 server would not be replicated to the zone.

15. You are an independent computer consultant. You have been called in by your newest customer, SouthSim, which is
redesigning its corporate network.

The company network consists of a single domain named southsim.local. Three locations are in the company: Headquarters,
Branch1, and Branch2. A single domain controller at company headquarters holds an Active Directory-integrated zone
for southsim.local. DNS2 and DNS3 are Windows Server 2012 R2 servers configured as caching-only DNS servers.
DNS name resolution has been very slow. You have been given the following two priorities:
Speed up DNS name resolution.
Provide for redundancy of the DNS information.
What should you do?

Install a second domain controller at headquarters.

Configure DNS2 and DNS3 with a primary zone of southsim.local.

Install Active Directory on DNS2 and DNS3 and make them domain controllers of the existing domain.
 Configure DNS2 and DNS3 with a stub zone of southsim.local.

You can improve DNS name resolution and provide fault tolerance by making DNS2 and DNS3 domain controllers.
When you install Active Directory, the two new domain controllers will also receive a copy of the DNS zone data that
has been integrated into Active Directory. DNS requests in the branch office will be fully resolved by the local DNS
server because each server will hold a complete set of data for the zone.
Configuring a primary zone on each server will eliminate all zone transfer with the master server at headquarters.
This will temporarily improve name resolution, but will make name resolution stop altogether after the database
becomes outdated. Configuring a stub zone will not improve name resolution above a caching-only server.
Configuring a second domain controller at headquarters will improve fault tolerance of DNS data, but will not
improve name resolution to the branch offices. Even if the new domain controller was configured as a DNS server,
the improvement of adding a second DNS server would be small compared the improvement that could be gained
by placing the zones in the branch offices.

16. Your company's internal namespace is westsim.local. This domain has two additional child domains
named support.westsim.local and research.westsim.local. Due to security concerns, your company's internal network is not
connected to the Internet.

Following are the DNS servers that you manage for your company:
Dns1, authoritative for . and westsim.local, IP address = 192.168.1.1
Dns2, authoritative for support.westsim.local, IP address = 192.168.2.1
Dns3, authoritative for research.westsim.local, IP address = 192.168.3.1
All internal DNS domains are Active Directory-integrated domains. You have configured Dns1 with appropriate delegation
records for the child zones. You need to configure root hints for Dns2 and Dns3.
What should you do?

In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, remove all entries, then add an

entry for Dns1.

Edit the Cache.dns file on Dns1. Delete all entries in the file.

In DNS Manager, edit the properties for Dns2 and Dns3. On the Root Hints tab, select the Copy from

server option, and specify 192.168.1.1 as the server to copy from.

Copy the Cache.dns file from Dns1 to Dns2 and Dns3.

The Dns2 and Dns3 servers need a root hint to Dns1, which is an internal root zone server. You can configure
root hints through the properties of a DNS server or by configuring the DNS server's Cache.dns file. Make sure no
other root hints exist (such as to Internet root servers).
 Copying root hints from another server adds to the existing root hints rather than replacing them. In addition, if
you copied root hints from Dns1, Dns2 and Dns3 would have root hints to all root Internet servers. In this
configuration, you want Dns2 and Dns3 to have a single root hint to Dns1.

17. You are setting up a new network in a single location with a single domain named eastsim.com. All servers run Windows
Server 2012 R2, and all clients run Windows 8.

You install a DHCP server and configure it with a scope for the single subnet. You install a DNS server with a primary zone for
the domain.
You want to use dynamic updates to update DNS records in the zone automatically.
What should you do?

Enable dynamic updates on the eastsim.com zone.

Enable dynamic updates on all client computers.

Configure the DHCP server to update DNS records for all clients.

Convert the eastsim.com zone to an Active Directory integrated zone.

By default, primary zones are configured not to accept dynamic updates. You need to modify the zone properties to
allow dynamic updates. After you configure the zone for dynamic updates, the default configuration of the clients
and the DHCP server will allow them to happen.

The default configuration for dynamic updates is:

Primary zones are not configured for dynamic updates.

Active Directory integrated zones are configured to allow only secure updates. However, converting
an existing zone retains the dynamic update settings of the zone.

Windows clients are configured for dynamic updates.

DHCP servers are configured to submit reverse lookup information for hosts to which it assigns an
address.

DHCP servers are configured to updated host name records only if the client requests it.

18. You are the administrator for the Seattle office of WestSim Corporation. Zone information for the
entire westsim.com domain is stored in a primary zone on the portland.westsim.com server located in the Portland office.

There is a T1 line between the Seattle and Portland offices, but the line is often saturated with heavy network traffic, which
makes name resolution for those in the Seattle office very slow.
What can you do to improve DNS performance for computers in the Seattle office?

Install a DNS server in the Seattle location. Configure it with a primary zone of the westsim.com domain.

Install a DNS server in the Seattle location. Configure it with a secondary zone of the westsim.comdomain.

Install a DNS server in the Seattle location. Configure it with an Active Directory integrated zone of

thewestsim.com domain.

On the portland.westsim.com computer, create a new zone called seattle.westsim.com. Make it a primary

zone, and configure it to use incremental updates.

Name resolution is slow because all name resolution requests must go across the WAN link. You can speed
name resolution by placing a DNS server in the Seattle location. The server can handle name resolution
requests without crossing the WAN link. Because the DNS data is currently stored in a primary zone, the new
server must hold a secondary zone of the westsim.com domain.
You can only have a single server holding the primary copy of a zone. Adding a primary zone to the Seattle
location means that each thinks it has the only copy of the zone information. Creating an Active Directory
integrated zone in the Seattle location would only work if you also changed the zone type held on
theportland.westsim.com computer.
Creating a new domain for the Seattle location would only improve name resolution performance for the Seattle
office if the zone information were stored on a server in the Seattle location.

19. You are the network administrator for a single domain with three subnets.

Two subnets have all Windows 8 computers. The conference room uses the third subnet. Traveling salesmen come to the
conference room and plug in their laptops to gain network access.
You have configured a DHCP server to deliver configuration information to hosts on this subnet. DNS is configured for dynamic
updates.
Over time, you notice that the size of the DNS database continues to grow. It is beginning to have an adverse effect on DNS
server performance.
What should you do?

Enable scavenging of stale resource records on the zone.

Clear the DNS cache on the server.

 Decrease the TTL for the SOA record.

Compact the DNS zone file.

If hosts who register their host name with DNS using dynamic updates do not shut down normally, the
corresponding host record might not get removed from the DNS database. This happens particularly when
the network has a large number of mobile computers. To remove old records, enable scavenging of stale
records on the zone.
Clearing the cache only removes temporary records, not dynamically-created records. Decreasing the TTL
makes records eligible for removal sooner, but scavenging would still be necessary to actually remove the
records.

20. You are the systems administrator for EastSim Corporation. Domain controllers at headquarters host Active Directory
integrated zones for the domain eastsim.com domain.

The company has recently purchased a small design company located in Tampa. The new company will become a branch
office connected to headquarters with a T-1 line. You have been sent to integrate the branch office into the corporate network.
The existing network in Tampa is using a UNIX BIND-based DNS server. Rather than replace this server, you decide to use it to
provide name resolution for the branch office. You want all clients in the branch office to be able to resolve hostnames for hosts
in the eastsim.com domain. You want to minimize network traffic across the WAN link and provide the fastest name resolution
services possible.
What should you do?

Create a secondary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers

configured as a DNS server.

On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone. Change

the zone type for all other DNS servers to secondary zones. Create a secondary zone on the UNIX DNS server. Have
it replicate data from one of the DNS servers at headquarters.

Create a primary zone on the UNIX DNS server. Have it replicate data from one of the domain controllers

configured as a DNS server.

Configure the UNIX server as a caching-only server. Have it forward name requests to a DNS server at

headquarters.
 On one of the DNS servers at headquarters, change the zone type for eastsim.com to a primary zone. Change

the zone type for all other DNS servers to secondary zones. Create a secondary zone on the UNIX DNS server. Have
it replicate data from one of the primary zone at headquarters.

Create a secondary zone on the UNIX DNS server. Active Directory integrated zones can replicate data to
other zones, even zones hosted by non-Windows servers. Performance is improved by placing a zone on
the DNS server.
Primary zones do not receive data from other sources. If you created a primary zone on the UNIX DNS
server, it would be a unique zone with the same name as the Active Directory integrated zone. It would not
replicate with the Active Directory integrated zone.