La wiki de TempWin

Herramientas de usuario

Herramientas del sitio

Traza: 110_security 206_system_maintenance 212_system_security conceptos_fundamentales introduccion 209_file_sharing tests_examen lab 202_tests_examen 207_domain_name_server
informatica:certificaciones:lpic:lpic-2:207_domain_name_server

Topic 207: Domain Name Server

Perteneciente a LPIC-2

Deberás poder configurar BIND para que funcione como un servidor DNS solo de almacenamiento en caché. Crear un archivo de zona para una zona de avance o retroceso y sugerencias para servidores de nivel raíz. Configurar un servidor DNS para que se ejecute como un usuario no root y se ejecute en una jaula chroot.

Módulos:

Lo importante de cara al examen:

  • Localización de los ficheros de configuración y utilidades de sevidor BIND.
  • Tipos de servidores DNS (master, slave, cache).
  • Definición de zonas.
  • Creación y modificación de ficheros de zonas directa e inversa.
  • Uso de directivas allow-query/allow-transfer.
  • Configuración Bind en chroot.
  • Conocimiento de DNSSEC.
  • Configuración y uso de firmas de transacción (TSIG).

Tests

What is the purpose of a PTR record?

  • To provide name to IP resolution.
  • To provide IP to name resolution. (Solución)
  • To direct email to a specific host.
  • To provide additional host information.
  • To direct clients to another nameserver .

Using only commands included with named, what is the command, with options or parameters, to make named re-read its zone files?

  • rndc reload

According to the configuration below, what is the e-mail address of the administrator for this domain? 

$TTL 86400
$ORIGIN certkiller.com
@    IN    SOA    mars.certkiller.com. hostmaster.certkiller.com. (
                  2005020801
                  10800
                  3600
                  604800
                  86400 );
  • hostmaster@certkiller.com

The mailserver is currently called fred, while the primary MX record points to mailhost.example.org. What must be done to direct example.org email towards fred?

  • Add an A record for mailhost to fred's IP address.
  • Add a CNAME record from mailhost to fred. (Solución)
  • Add another MX record pointing to fred's IP address.
  • Add a PTR record from mailhost to fred.

Sería algo como: 

fred    IN    CNAME    mailhost.example.org.

DNSSEC is used for?

  • Encrypted DNS queries between nameservers.
  • Cryptographic authentication of DNS zones. (Solución)
  • Secondary DNS queries for local zones.
  • Defining a secure DNS section.
  • Querying a secure DNS section.

No se cifra la información, solo se firma para verificar la autenticidad.

The DNS service is used provide translation of IP addresses to names and is part of the TCP/IP standards that provide this type of functionality.

  • Verdadero (Solución)
  • Falso

The primary configuration file for the BIND name service is located at /etc/named.conf.

  • Verdadero (Solución)
  • Falso

The command 'dig@10.0.1.100 mylabserver.com' would provide what information?

  • None of the above
  • All defined name servers for the 'mylabserver.com' domain
  • All domain information for 'mylabserver.com' domain using the nameserver '10.0.1.100' (Solución)
  • All information pertaining to the names assigned to IP 10.0.1.100

The primary configuration file for client DNS queries is:

  • None of the Above
  • /etc/nsswitch.conf
  • /etc/named.conf
  • /etc/resolv.conf (Solución)

What are the primary internet name servers called?

  • Backbone servers
  • List servers
  • Name servers
  • Root servers (Solución)
informatica/certificaciones/lpic/lpic-2/207_domain_name_server.txt · Última modificación: por tempwin