You have a server named Server1 that runs Windows Server 2012 R2. Server1 is located in the perimeter
network and has the DNS Server server role installed.
Server1 has a zone named contoso.com.
You App1y a security template to Server1.
After you App1y the template, users report that they can no longer resolve names from contoso.com. On
Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)
On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall exhibit.
(Click the Exhibit button.)
You need to ensure that users can resolve contoso.com names.
What should you do?
A.
From Windows Firewall with Advanced Security, disable the DNS (TCP, Incoming) rule and the DNS (UDP,
Incoming) rule.
B.
From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.
C.
From DNS Manager, unsign the contoso.com zone.
D.
From DNS Manager, modify the Start of Authority (SOA) of the contoso.com zone.
E.
From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP, Incoming) rule and
the DNS (UDP, Incoming) rule.
Explanation:
To configure Windows Firewall on a managed DNS server
1. On the Server Manager menu, click Tools and then click Windows Firewall with Advanced Security.
2. Right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard will launch.
3. In Rule Type, select Predefined, choose DNS Service from the list, and then click Next.
4. In Predefined Rules, under Rules, select the checkboxes next to the following rules:
RPC (TCP, Incoming)
DNS (UDP, Incoming)
DNS (TCP, Incoming)
RPC Endpoint Mapper (TCP, Incoming)
5. Click Next, choose Allow the connection, and then click Finish.
6. Right-click Inbound Rules, and then click New Rule. The New Inbound Rule Wizard will launch.
etc.
Manually Configure DNS Access Settings