Your network contains an Active Directory domain named contoso.com. The domain contains two sites named Site1 and Site2. The servers for the sites are configured as shown in the following table.
Server1 hosts a standard primary zone for contoso.com. Server2 hosts a secondary zone for contoso.com. You need to ensure that all DNS replication traffic between Server1 and Server2 is encrypted.
What should you do?
A.
On Server1, configure DNSSEC for the contoso.com zone.
B.
On Server1, convert the contoso.com zone to an Active Directory-integrated zone.
C.
On each server, create connection security rules.
D.
On each server, enable Encrypting File System (EFS) encryption for the contoso.com.dns file.
Explanation:
you can only use AD-integrated zones on domain controllers.
that explanation is correct however, if that is correct then that means question 105 is incorrect. So therefore the answer for this one should be letter B.
Active Directory replication Traffic is encrypted.
http://technet.microsoft.com/en-us/library/cc781101(v=ws.10).aspx
the 105 is “Two Domain Controller”
The answer is “C” because Server2 is a DNS server but it is not a Domain Controller. Therefore, converting the zone on Server1 to an Active Directory integrated DNS zone will not work.
You are right