You are the systems engineer for Contoso, Ltd. The network consists of a single Active Directory domain named contoso-ad.com. All servers run Windows Server 2003.
A Windows Server 2003 computer named DNSSRV1 functions as the internal DNS server and has zones configured as shown in the exhibit.
The network is not currently connected to the Internet. The company maintains a separate network that contains publicly accessible Web and mail servers. These Web and mail servers are members of a DNS domain named contoso.com. The contoso.com zone is hosted by a UNIX-based DNS server named UNIXDNS, which is running the latest version of BIND. The company plans to allow users of the internal network to access Internet-based resources. The company’s written security policy states that resources located on the internal network must never be exposed to the Internet. The written security policy also states that the internal network’s DNS namespace must never be exposed to the Internet. To meet these requirements, the design specifies that all name resolution requests for Internet-based resources from computers on the internal network must be sent from DNSSRV1. The current design also specifies that UNIXDNS must attempt to resolve any name resolution requests before sending them to name servers on the Internet.
You need to plan a name resolution strategy for Internet access. You need to configure DNSSRV1 so that it complies with company requirements and restrictions.
What should you do?
A.
Delete the root zone from DNSSRV1. Configure DNSSRV1 to forward requests to UNIXDNS.
B.
Copy the Cache.dns file from the Windows Server 2003 installation CD-ROM to the
C.
WindowsSystem32Dns folder on DNSSRV1.
D.
Add a name server (NS) resource record for UNIXDNS to your zone. Configure UNIXDNS with current root hints.
E.
On DNSSRV1, configure a secondary zone named contoso.com that uses UNIXDNS as the master server. Configure UNIXDNS to forward requests to your ISP’s DNS servers.