You have a server named Server1 that runs Windows Server 2012 R2. Server1 is located in
the perimeter network and has the DNS Server server role installed.
Server1 has a zone named contoso.com.
You App1y a security template to Server1.
After you App1y the template, users report that they can no longer resolve names from
contoso.com.
On Server1, you open DNS Manager as shown in the DNS exhibit. (Click the Exhibit button.)
On Server1, you open Windows Firewall with Advanced Security as shown in the Firewall
exhibit. (Click the Exhibit button.)
You need to ensure that users can resolve contoso.com names.
What should you do?
A.
From Windows Firewall with Advanced Security, disable the DNS (TCP, Incoming) rule
and the DNS (UDP, Incoming) rule.
B.
From DNS Manager, modify the Zone Transfers settings of the contoso.com zone.
C.
From DNS Manager, unsign the contoso.com zone.
D.
From DNS Manager, modify the Start of Authority (SOA) of the contoso.com zone.
E.
From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP,
Incoming) rule and the DNS (UDP, Incoming) rule.
Should be the answer is (E) + Enable rules ? ( which currently is grey out due to disbale? )
I think you have to change the profile settings for the DNS rules…
Shouldn’t need to change the profile. This DNS Server is in an EDGE network, so most likely not in a domain (it isn’t mentioned that it is in an AD Domain). So changing the profile to Domain is not possible and I doubt the interface is set as Public.
E.
From Windows Firewall with Advanced Security, modify the profiles of the DNS (TCP,
Incoming) rule and the DNS (UDP, Incoming) rule.