A new company registers the domain name of contoso.com. The company has a web presence on the
Internet. All Internet resources have names that use a DNS suffix of contoso.com.
A third-party hosts the Internet resources and is responsible for managing the contoso.com DNS zone on
the Internet. The zone contains several hundred records.
The company plans to deploy an Active Directory forest.
You need to recommend an Active Directory forest infrastructure to meet the following requirements:
Ensure that users on the internal network can resolve the names of the
company’s Internet resources.
Minimize the amount of administrative effort associated with the
addition of new Internet servers.
What should you recommend?
A.
A forest that contains a single domain named contoso.local
B.
A forest that contains a root domain named contoso.com and another domain named contoso.local
C.
A forest that contains a root domain named contoso.com and another domain named ad.contoso.com
D.
A forest that contains a single domain named contoso.com
Explanation:
Rules for Selecting a Prefix for a Registered DNS Name
Select a prefix that is not likely to become outdated.
Avoid names such as a business line or operating system that might change in the future. Generic names
such as corp or ds are recommended.
Incorrect:
not A, not B: Using single label names or unregistered suffixes, such as .local, is not recommended.
Selecting the Forest Root Domain
https://technet.microsoft.com/en-us/library/cc726016(v=ws.10).aspx
OK, the given answer makes no sense to me. Where the hell did ‘ad.contoso.com’ come from?
I’ve re-read this a dozen times and the best answer that fits here is “D.” All you need is a single domain in the forest. Let the third party host the website and the ISP do the heavy-lifting for external DNS.
The only problem I can see with your answer of D, is the statement regarding “minimize the amount of effort associated with the addition of new Internet servers”.
Basically, what you’re implementing is split brain DNS. If you add a new Internet server, you’ll need to add a new entry on your external DNS servers, as well as your internal DNS servers. This is not minimizing effort.
If the answer is A, you’ll only need to add a new entry on the external side.
I agree with A
split brain dns causes a more headaches
I believe the answer is correct as stated.
“C”
I would agree that A would be the best answer but Microsoft has a best practice ruling AGAINST using .local as a domain name in a production environment
https://social.technet.microsoft.com/wiki/contents/articles/34981.active-directory-best-practices-for-internal-domain-and-network-names.aspx
Dummy DNS name vs official DNS name
In the past, lots of people chose to use a dummy, unofficial TLD (top-level-domain) for their internal network, like domain.lan, domain.local of domain.internal (and also domain.internalhost)
But this can get you in serious trouble. Because these names are not supported by internet standards, the most important RFC on this is: RFC 2606 (http://tools.ietf.org/html/rfc2606 ) This RFC standard is very explicit on choosing domain names for private testing and documentation
.test
.example
.invalid
.localhost
But also for documentation some 2nd level domains are reserved
example.com
example.net
example.org
As you can see, these names are created for testing and not for production.