Your network contains an Active Directory domain named adatum.com.
You have a standard primary zone named adatum.com.
You need to provide a user named User1 the ability to modify records in the zone. Other users must
be prevented from modifying records in the zone.
What should you do first?
A.
Run the Zone Signing Wizard for the zone.
B.
From the properties of the zone, change the zone type.
C.
Run the new Delegation Wizard for the zone.
D.
From the properties of the zone, modify the Start Of Authority (SOA) record.
Explanation:
I believe the correct answer is B.
Explanation:
The Zone would need to be changed to a AD integrated zone When you use directory- integrated zones, you can use access control list (ACL) editing to secure a dnsZone object container in the directory tree. This feature provides detailed access to either the zone or a specified resource record in the zone. For example, an ACL for a zone resource record can be restricted so that dynamic updates are allowed only for a specified client computer or a secure group, such as a domain administrators group. This security feature is not available with standard primary zones DNS update security is available only for zones that are integrated into Active Directory. After you integrate a zone, you can use the access control list (ACL) editing features that are available in the DNS snap-in to add or to remove users or groups from the ACL for a specific zone or for a resource record. Standard (not an Active Directory integrated zone) has no Security settings.
0
0
Correct Answer is B.
0
0
I Looked this question up. The correct answer is B
0
0
Creating a delegation for a zone would be offloading a child zone to another server. It is not a delegation of user permissions. If you have DOMAIN.LOCAL, to reference DNS records in a child domain CHILD.DOMAIN.LOCAL you would create a delegation in DOMAIN.LOCAL that says CHILD.DOMAIN.LOCAL is handled by DC.CHILD.DOMAIN.LOCAL.
The grey _msdcs zone in your first DNS zone is a delegation.
The correct answer is indeed B.
0
0
come on… we’ve all passed 410 and 411 😀
It’s B
1
0