A new company registers the domain name of contoso.com. The company has a web
presence on the Internet. All Internet resources have names that use a DNS suffix of
contoso.com.
A third-party hosts the Internet resources and is responsible for managing the contoso.com
DNS zone on the Internet. The zone contains several hundred records.
The company plans to deploy an Active Directory forest.
You need to recommend an Active Directory forest infrastructure to meet the following
requirements:
Ensure that users on the internal network can resolve the names of the company’s Internet
resources.
Minimize the amount of administrative effort associated with the addition of new Internet
servers.
What should you recommend?
A.
A forest that contains a single domain named contoso.local
B.
A forest that contains a root domain named contoso.com and another domain named
contoso.local
C.
A forest that contains a root domain named contoso.com and another domain named
ad.contoso.com
D.
A forest that contains a single domain named contoso.com
Correct answer: C
Rules for Selecting a Prefix for a Registered DNS Name Select a prefix that is not likely to become outdated. Avoid names such as a business line or operating system that might change in the future. Generic names such as corp or ds are recommended.
Incorrect:
not A, not B: Using single label names or unregistered suffixes, such as .local, is not recommended.
You’re not considering the part that says “minimize the administrative effort associated with the addition of new Internet servers”. Anytime the public website/domain gets a new prefix(mail., remote., etc.), you also need to add that record into the internal DNS zone. That is not minimizing admin effort. A domain with a separate name will be cleaner, and will always reference out to an Internet DNS server for the public domain’s DNS records. No need for additional work internally.
agree with Billy. Answer is A.
If contoso.local changes to contoso.intranet, answer A will be more understandable.
About C.
If you create the ad.contoso.com domain, and the third-party which hosts the Internet resources and is responsible for managing the contoso.com
DNS zone on the Internet, wanna publish a advertisement website with http://ad.contoso.com.
In this case you will cost a great amount of administrative effort.
Chriss is correct. Correct Answer C:
Took me a bit but found the MS recommendation.
It specifically says NOT to use .local.
https://technet.microsoft.com/en-us/library/cc738121(WS.10).aspx
https://technet.microsoft.com/en-us/library/cc738121(WS.10).aspx
TechNet article 726016[5] cautioned against using .local:
…we do not recommend using unregistered suffixes, such as .local.
https://technet.microsoft.com/en-us/library/cc726016(v=ws.10).aspx
https://en.wikipedia.org/wiki/.local
“.local” is not recommended by Microsoft as per “https://technet.microsoft.com/en-us/library/cc738121(WS.10).aspx”. So “A” can not be a correct answer. “childdomain.contoso.com” would have been a better answer.
Answers B, C & D all include “contoso.com” root domain. Hence, a DNS server that is authoritative for “contoso.com” domain. Any addition of new internet servers will require changes on ISP DNS & root domain DNS for these server to be accessible to internal users.
If I have to choose between B,C & D, & I would go for D as it is the solution with least administrative work compared to B & C.
Whilst there is a lot of discussion about .local, many by Apple & Apple users, Microsoft do not care about them…
Answer : A
As both Bill and Henry state / imply, the question asks “Ensure that users on the internal network can resolve the names of the company’s Internet resources & Minimize the amount of administrative effort associated with the addition of new Internet servers.”
Whilst the first requirement can be achieved with DNS, having to create internal entries for the respective external entries does not “minimize” administrative effort…
As such, old school AD design & articles prevail ( going back to the days when MS recommended .local ), as this is the only option that would achieve both results…
This is a pretty simple configuration. If you have a bunch of external DNS records you can either use the contoso.com and create a split-dns zone with the external records, creating hundreds of entries or use .local and do nothing.
The Correct Answer is A.