Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
Your network contains an Active Directory domain named contoso.com. The domain contains a DNS server named Server1. All client computers run Windows 10.
On Server1, you have the following zone configuration.
You need to ensure that all of the client computers in the domain perform DNSSEC validation for the fabrikam.com namespace.
Solution: From Windows PowerShell on Server1, you run the Add-DnsServertrustAnchor cmdlet.
Does this meet the goal?
A . Yes
B . No
Answer: B
Explanation:
The Add-DnsServerTrustAnchor command adds a trust anchor to a DNS server. A trust anchor (or trust “point”) is a public cryptographic key for a signed zone. Trust anchors must be configured on every non-authoritative DNS server that will attempt to validate DNS data. Trust Anchors have no direct relation to DSSEC validation.
References:
https://technet.microsoft.com/en-us/library/jj649932.aspx
https://technet.microsoft.com/en-us/library/dn593672(v=ws.11).aspx
Latest 70-741 Dumps Valid Version with 259 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund