Home » Microsoft » 70-647 » What should you include in your plan?
Your company has a main office and three branch offices.
Each office has a server that runs Windows Server 2008. The server has the DNS Server role installed. The branch offices contain client computers that run Windows 2000.
You plan to deploy Active Directory Domain Services (AD DS) on the network.
You need to plan a name resolution solution for the deployment of Active Directory Domain Services (AD DS).
The solution must meet the following requirements:
- Support secure dynamic updates.
- Minimize response times for users connecting to resources anywhere on the network.
What should you include in your plan?
A. A GlobalNames zone for the forest.
B. A single Active Directory-integrated DNS zone.
C. A stub zone on the DNS server in each branch office.
D. A standard primary zone in the main office and secondary zones in each branch office.
Correct Answer: B
Explanation/Reference:
Active Directory-Integrated DNS Zones
Domain Name System (DNS) servers running on domain controllers can store their zones in Active Directory Domain Services (AD DS). In this way, it is not necessary to configure a separate DNS replication topology that uses ordinary DNS zone transfers because all zone data is replicated automatically by means of Active Directory replication. This simplifies the process of deploying DNS and provides the following advantages:
Multiple masters are created for DNS replication. Therefore, any domain controller in the domain running the DNS Server service can write updates to the Active Directory-integrated DNS zones for the domain name for which they are authoritative. A separate DNS zone transfer topology is not needed.
Secure dynamic updates are supported. Secure dynamic updates allow an administrator to control what computers update what names and prevent unauthorized computers from overwriting existing names in DNS.
Active Directory-integrated DNS in Windows Server 2008 stores zone data in application directory partitions. (There are no behavioral changes from Windows Server 2003-based DNS integration with Active Directory.) The following DNS-specific application directory partitions are created during AD DS installation:
A forest-wide application directory partition, called ForestDnsZones
Domain-wide application directory partitions for each domain in the forest, named DomainDnsZones
