ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-412 All Questions

View all questions & answers for the 70-412 exam
Go to Exam

Exam 70-412 topic 3 question 178 discussion

Actual exam question from Microsoft's 70-412
Question #: 178
Topic #: 3
[All 70-412 Questions]

HOTSPOT -
Your network contains an Active Directory domain named adatum.com. All servers run Windows Server 2012 R2. All domain controllers have the DNS Server server role installed.
You have a domain controller named DC1. On DC1, you create an Active Directory-integrated zone named adatum.com and you sign the zone by using DNSSEC.
You deploy a new read-only domain controller (RODC) named R0DC1.
You need to ensure that the contoso.com zone replicates to R0DC1.
What should you configure on DC1? To answer, select the appropriate tab in the answer area.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
http://technet.microsoft.com/en-us/library/cc781340(v=ws.10).aspx
Foradditional servers to host a zone, zone transfers are required to replicate and synchronize all copies of the zone used at each server configured to host the zone.
by DanStafford at March 21, 2020, 1:14 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
wazmac
Highly Voted 5 years ago
I believe the answer is correct due to the Zone being signed using DNSSEC, a good explanation can be found at this link, check out the last comment, it's to big to post here. http://www.briefmenow.org/microsoft/what-should-you-configure-on-dc1-13/
upvoted 5 times
...
DanStafford
Most Recent 4 years, 10 months ago
Wazmac is correct. I have since learned that RODC's will load an AD-Integrated zone that has been signed with DNSSEC as a standard secondary zone, and zone transfers MUST be configured for replication to occur to the RODC. If the zone were NOT signed with DNSSEC, and AD-integrated zone would replicate to the RODC via AD replication. It's the combination of DNSSEC with an RODC that makes all the difference here.
upvoted 2 times
...
DanStafford
5 years, 1 month ago
The question has no valid answer in this context because it states that the zone is Active Directory-integrated. I suspect it should have stated that the zone was a standard primary zone and not AD-integrated.
upvoted 1 times
...
DanStafford
5 years, 1 month ago
https://social.technet.microsoft.com/wiki/contents/articles/4031.how-read-only-domain-controllers-and-dns-works.aspx
upvoted 1 times
...
DanStafford
5 years, 1 month ago
"On DC1, you create an Active Directory-integrated zone..." Active Directory-integrated zones replicate via Active Directory replication, NOT zone transfers. An RODC is still a DC, it's just that the replication is one-way. https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/active-directory-integrated-dns-zones
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago