You network contains one Active Directory domain named adatum.com.
The domain contains a DNS server named Server1 that runs Windows Server 2012 R2. All domain computers use Server1 for DNS. You sign adatum.com by using DNSSEC. You need to configure the domain computers to validate DNS responses for adatum.com records.
What should you configure in Group Policy?
A . Network List Manager Policies
B . Network AccessProtection (NAP)
C . Name Resolution Policy
D . Public Key Policy
Answer: C
Explanation:
Name resolution policy needs to be configured in group policy. "In both example 1 and example 2, validation is not required for thesecure.contoso.com zone because the Name Resolution Policy Table (NRPT) is not configured to require validation.”
References:
https://technet.microsoft.com/en-us/library/jj200221.aspx
Leave a Reply