What needs to be done to ensure clients are able to establish an SSTP-based VPN connection?
Install AD CS role on network
Create & Install Server Authentication Certificate on VPN Server
Install root CA certificate of VPN server's computer certificate on the client computers
Difference between Iterative and Recursive DNS Queries
With a recursive name query, the DNS client requires that the DNS server respond to the client with either the requested resource record or an error message stating that the record or domain name does not exist.
An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace).
Creates a copy of a zone that can be updated directly on this server
Full read/write privileges
Can be stored in Active Directory
Creates a copy of a zone that exists on another server. This option helps balance the processing load of primary servers and provides fault tolerance
Cannot be saved to Active Directory
Creates a copy of a zone containing only Name Server (NS), Start of Authority (SOA), and possibly glue Host (A) records. A server containing a stub zone is not authoritative for that zone
Can be saved in Active Directory
Active Directory Zone Replication Scope
To all DNS servers in this forest: Security.local
To all DNS servers in this domain: Security.local
To all domain controllers in this domain (for Windows 2000 compatibility): Security.local
Host Records (A or AAAA)
Maps a DNS domain name to a 32-bit (A) or 128-bit (AAAA) address
Host - A - name + IP
A DNS record type that specifies other names for existing hosts. This allows a DNS administrator to assign multiple DNS hostnames to a single DNS host. Also known as an alias record.
alias - cname - name +name host
Mail Exchanger (MX)
A DNS record that allows email applications to locate email servers.
mail - mx - name + name host + priority
The lower the priority, the more desirable
Service Record (SRV)
Record that enables clients to locate servers providing a particular service.
Service - SRV - name + port
This command-line tool can perform most of the commands the DNS console does. Can script batch files to automate management tasks.
Ports to know
21 - FTP
23 - telnet
25 - SMTP
80 - HTTP (Browsing)
110 - POP
143 - IMAP
3 types of IPv6 Addresses
Global start with GA
Link Local (like IPv4 APIPA)
Unique Local (like IPv4 private) begin with FD
Three states of IPv6 addresses
tentative - between first assignment and verification that the address is unique
preferred - communicates on the network normally; stays in this state through the address's lifetime
deprecated - expired IPv6 address; no new connections can be created, but all connections prior to deprecation will continue until the end of that connection
DHCP Stateless Mode
Stateless is the default addressing mode for IPv6
Addresses are configured without DHCP Server
Options are obtained from the server
Client uses Router Solicitation and Router Advertisement messages for self-configuration