ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-412 All Questions

View all questions & answers for the 70-412 exam
Go to Exam

Exam 70-412 topic 2 question 26 discussion

Actual exam question from Microsoft's 70-412
Question #: 26
Topic #: 2
[All 70-412 Questions]

You have a server named Server1 that runs Windows Server 2012 R2. Server1 is located in the perimeter network and has the DNS Server server role installed.
Server1 has a zone named contoso.com.
You App1y a security template to Server1.
After you App1y the template, users report that they can no longer resolve names from contoso.com. On Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)

On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall exhibit.
(Click the Exhibit button.)

You need to ensure that users can resolve contoso.com names.
What should you do?

  • A. From Windows Firewall with Advanced Security, disable the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.
  • B. From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.
  • C. From DNS Manager, unsign the contoso.com zone.
  • D. From DNS Manager, modify the Start of Authority (SOA) of the contoso.com zone.
  • E. From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP, Incoming) rule and the DNS (UDP, Incoming) rule.
Show Suggested Answer Hide Answer
Suggested Answer: E 🗳️
To configure Windows Firewall on a managed DNS server
1. On the Server Manager menu, click Tools and then click Windows Firewall with Advanced Security.
2. Right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard will launch.
3. In Rule Type, select Predefined, choose DNS Service from the list, and then click Next.
4. In Predefined Rules, under Rules, select the checkboxes next to the following rules:
✑ RPC (TCP, Incoming)
✑ DNS (UDP, Incoming)
✑ DNS (TCP, Incoming)
✑ RPC Endpoint Mapper (TCP, Incoming)
5. Click Next, choose Allow the connection, and then click Finish.
6. Right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard will launch. etc.
Reference: Manually Configure DNS Access Settings
by U4ea at Feb. 17, 2020, 8:53 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
DanStafford
4 years, 11 months ago
Or because they're only allowed for the Private profile...
upvoted 3 times
...
U4ea
5 years, 3 months ago
Anyone has an idea why you would need to edit the already enabled DNS rules?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel