Your network contains an Active Directory forest named contoso.com. The functional level of
the forest is Windows Server 2008 R2.
The DNS zone for contoso.com is Active Directory-integrated.
You deploy a read-only domain controller (RODC) named RODC1. You install the DNS
Server server role on RODC1.
You discover that RODC1 does not have any DNS application directory partitions.
You need to ensure that RODC1 has a copy of the DNS application directory partition of
contoso.com.
What should you do? (Each correct answer presents a complete solution. Choose two.)

A.
From DNS Manager, right-click RODC1 and click Create Default Application Directory
Partitions.

B.
Run ntdsutil.exe. From the Partition Management context, run the create nc command.

C.
Run dnscmd.exe and specify the /createbuiltindirectorypartitions parameter.

D.
Run ntdsutil.exe. From the Partition Management context, run the add nc replica
command.

E.
Run dnscmd.exe and specify the /enlistdirectorypartition parameter.

Explanation:
http://technet.microsoft.com/en-us/library/cc742490.aspx
RODC Post-Installation Configuration
If you install DNS server after the AD DS installation, you must also enlist the RODC in the
DNS application directory partitions. The RODC is not enlisted automatically in the DNS
application directory partitions by design because it is a privileged operation. If the RODC
were allowed to enlist itself, it would have permissions to add or remove other DNS servers
that are enlisted in the application directory partitions.
To enlist a DNS server in a DNS application directory partition
1. Open an elevated command prompt.
2. At the command prompt, type the following command, and then press ENTER:
dnscmd<ServerName> /EnlistDirectoryPartition <FQDN>
For example, to enlist RODC01 in the domain-wide DNS application directory partition in a
domain named child.contoso.com, type the following command:
dnscmd RODC01 /EnlistDirectoryPartition DomainDNSZones.child.contoso.com
You might encounter the following error when you run this command:
Command failed: ERROR_DS_COULDNT_CONTACT_FSMO 8367 0x20AF
If this error appears, use NTDSUTIL to add the RODC for the partition to be replicated:
1. ntdsutil
2. partition management
3. connections
4. Connect to a writeable domain controller (not an RODC): connect to server
<WriteableDC>.Child.contoso.com
5. quit
6. To enlist this server in the replication scope for this zone, run the following command: add
NC Replica DC=DomainDNSZones,DC=Child,DC=Contoso,DC=Com <rodc Server>.Child.
contoso.com
Original explanation:
Please Check but I think this should be A and C and not A and D.
I have changed it to A and C.
Reason: Once the application directory partition is created, contoso.com should replicate to
it.
Dnscmd /enlistdirectorypartition — Adds the DNS server to the specified directory partition’s
replica set.
Dnscmd /createbuiltindirectorypartitions Creates a DNS application directory partition. When
DNS is installed, an application directory partition for the service is created at the forest and
domain levels. Use this command to create DNS application directory partitions that were
deleted or never created. With no parameter, this command creates a built-in DNS directory
partition for the domain.
To create the default DNS application directory partitions
Using the Windows interface
Open DNS.
In the console tree, right-click the applicable DNS server.
Where?
DNS/applicable DNS server
Click Create Default Application Directory Partitions.

Follow the instructions to create the DNS application directory partitions.