ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-412 All Questions

View all questions & answers for the 70-412 exam
Go to Exam

Exam 70-412 topic 3 question 17 discussion

Actual exam question from Microsoft's 70-412
Question #: 17
Topic #: 3
[All 70-412 Questions]

HOTSPOT -
Your network contains an Active Directory domain named contoso.com. All servers run Windows Server 2012 R2.
The domain contains two domain controllers. The domain controllers are configured as shown in the following table.

On DC1, you create an Active Directory-integrated zone named Zone1. You verify that Zone1 replicates to DC2.
You use DNSSEC to sign Zone1.
You discover that the updates to Zone1 fail to replicate to DC2.
You need to ensure that Zone1 replicates to DC2.
What should you configure on DC1?
To answer, select the appropriate tab in the answer area.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
We most allow and configure zone transfers.
To modify zone transfer settings using the Windows interface
✑ Open DNS Manager.
✑ Right-click a DNS zone, and then click Properties.
✑ On the Zone Transfers tab, do one of the following:
- To disable zone transfers, clear the Allow zone transfers check box.
- To allow zone transfers, select the Allow zone transfers check box.
✑ If you allowed zone transfers, do one of the following:
- To allow zone transfers to any server, click To any server.
- To allow zone transfers only to the DNS servers that are listed on the Name Servers tab, click Only to servers listed on the Name Servers tab.
- To allow zone transfers only to specific DNS servers, click Only to the following servers, and then add the IP address of one or more DNS servers.
Reference: Modify Zone Transfer Settings
by DanStafford at Feb. 25, 2020, 3:01 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
DanStafford
4 years, 11 months ago
Wazmac, thank you. Also for reference the original Microsoft Technet link is below. The zo ne transfers must be manually allowed because of how an RODC treats a DNSSEC-protected zone: http://www.briefmenow.org/microsoft/what-should-you-configure-on-dc1/
upvoted 1 times
wazmac
4 years, 11 months ago
Thanks DanStafford. :)
upvoted 2 times
...
...
wazmac
5 years, 2 months ago
Hi Dan, found an explanation on this link - http://www.briefmenow.org/microsoft/what-should-you-configure-on-dc1/
upvoted 2 times
...
DanStafford
5 years, 3 months ago
I'm a little confused by the answer. If the zone is Active Directory-integrated, doesn't zone change replication happen through AD replication? I thought zone transfers were not performed when replicating AD-integrated zones between DC's running DNS server?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel