Question
Company Alpha has one location that contains the executive management team and all IT support, located in San Jose, CA, which contains one subnet. There are five other locations that are each organized using two subnets, each using static IPv4 addresses: Los Angeles, CA; Reno, NV; San Diego, CA; Seattle, WA; and Portland, OR. Describe the most likely domain model for the organization.
Note. The organization does not have an Internet presence but requires Internet access.
How will you decide whether to use both forward and reverse lookup zones? Why might you consider installing a redundant DNS infrastructure? The San Jose office has an ISDN line that is part of a long-term lease. This line is occasionally used to send and receive potentially sensitive information. What type of server or server role is needed to handle this type of traffic?
Explanation / Answer
QUES: Why might you consider installing a redundant DNS infrastructure?
ANS: Not everyone has the experience necessary to design solutions for infrastructure-level applications, such as DNS (or for Web and mail, but that's another topic). If you follow a basic set of guidelines, though, you can have a stable and scalable DNS server without much hassle. Stability and scalability are the two qualities that all architects strive for. Of course, DNS servers can be implemented in other ways; every systems administrator seemingly has her own tricks for configuring a system. Keep in mind that every clever trick you use in configuring a system is one more headache you have when you're troubleshooting the system later on. Strive for simplicity, and your sanity will thank you.
Keeping the server secure
Security is paramount when you're configuring a DNS server. You may think that security is truly important only in an Internet Service Provider (ISP) setting, to avoid Web page hijacking or e-mail spoofing, but it's equally important in a corporate setting. DNS security is quite important in an ISP. If an intruder gains access to your DNS server, he can point A records to other servers containing defaced Web pages, which is as good as gaining access to the original Web server itself and defacing the page. The intruder's access can also be used to change the MX record for a domain, which has even worse consequences. By pointing the MX record to a mail server, the intruder controls and even takes ownership of the domain by submitting changes to the domain registry. Note that this insecurity is not so much a fault in the DNS infrastructure as it is the fault of the domain administrators who use MAIL-TO as an authentication method for their domains.
DNS security is equally important in a corporate setting, although it has a more subtle importance. The problem in a corporate environment is the same as in an ISP: An intruder can change DNS records to point to a server he controls. In this case, he can steal important data by making users think that it's going to a real server when it's really going to the rogue server. Remember that most attacks on corporate networks come from inside the corporation, so DNS security is important even if you have a firewall or even no Internet connection.
DNS does not run in a vacuum. Not only does your DNS service need to be secured, but the operating system you use and the physical server also need to be thoroughly examined and tested. Even if you have secured the DNS services properly, all is for naught if a network intruder can gain administrative- or root-level control of the server that is hosting DNS.
Perhaps most obvious, you should physically secure the server in a location where only authorized users can gain access. You should also restrict, using operating system policies, nonadministrative personnel from being able to log on to the server. Regularly check with your operating system vendor for software updates and security alerts. The security of the server that is hosting DNS is "Job #1."
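A defensive check for the record tampering described in the answer above (A and MX records repointed to another server), as an added example that is not part of the original answer: it compares a current zone snapshot against a known-good baseline and reports differences. The simplified one-record-per-line format, the `corp.example.` names and the addresses are constructed for illustration.

```python
# Added example: diff a zone snapshot against a known-good baseline and flag
# changes to A and MX records. All names and addresses below are constructed.
WATCHED = {"A", "MX"}

def parse_records(zone_text):
    """Return {(owner, type): {rdata, ...}} for watched record types.
    Assumes simplified lines of the form: owner [ttl] [IN] type rdata"""
    records = {}
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # strip comments, tokenize
        if len(fields) < 3:
            continue
        i = 1  # skip the optional TTL and class fields
        while i < len(fields) - 1 and (fields[i].isdigit() or fields[i].upper() == "IN"):
            i += 1
        rtype = fields[i].upper()
        if rtype in WATCHED:
            rdata = " ".join(fields[i + 1:]).lower()
            records.setdefault((fields[0].lower(), rtype), set()).add(rdata)
    return records

def diff_records(baseline_text, current_text):
    """Return (kind, owner, type, old_rdata, new_rdata) for every difference."""
    base, cur = parse_records(baseline_text), parse_records(current_text)
    findings = []
    for key in sorted(set(base) | set(cur)):
        old, new = base.get(key, set()), cur.get(key, set())
        if old != new:
            kind = "added" if not old else "removed" if not new else "changed"
            findings.append((kind, key[0], key[1], sorted(old), sorted(new)))
    return findings

# Constructed sample data: the MX and one A record differ from the baseline.
BASELINE = """
corp.example.       3600 IN MX 10 mail.corp.example.
mail.corp.example.  3600 IN A  192.0.2.25
files.corp.example. 3600 IN A  192.0.2.40
"""
CURRENT = """
corp.example.       3600 IN MX 10 mx.other.example.
mail.corp.example.  3600 IN A  192.0.2.25
files.corp.example. 3600 IN A  198.51.100.7   ; no longer the baseline address
"""

if __name__ == "__main__":
    for kind, owner, rtype, old, new in diff_records(BASELINE, CURRENT):
        print(f"{kind.upper():8} {owner} {rtype}: {old} -> {new}")
```

Run on a schedule against an exported copy of the zone, with the baseline stored somewhere the DNS server's administrators cannot modify.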