What should an IT administrator check if a newly installed DNS server in the DMZ is not functioning?

  1. Review the server's access logs for unauthorized access.

  2. Test DNS queries from external hosts specifically.

  3. Check the ACL on the company firewall for configuration mistakes.

  4. Examine the internal DNS server for potential conflicts.

The correct answer is: Check the ACL on the company firewall for configuration mistakes.

For a newly installed DNS server in the DMZ that is not functioning, checking the ACL (Access Control List) on the company firewall for configuration mistakes is essential. The firewall ACL determines which types of traffic are allowed to flow in and out of the DMZ and can have a direct impact on the DNS server's operability. If the ACL is not set up correctly, legitimate DNS queries from external sources may be blocked, preventing the DNS server from responding to requests. Ensuring that the ACL allows DNS traffic (typically UDP and TCP port 53) is crucial for the proper functioning of the server.

While reviewing access logs may help identify unauthorized access, it does not directly address the functionality of the DNS service itself. Testing DNS queries from external hosts is critical for verifying whether the server responds correctly, but it is often a step taken after confirming that the firewall is configured correctly. Examining the internal DNS server for conflicts is also important but would not be the first priority if the server in the DMZ is not responding to external requests. The primary concern should be ensuring that the external communication path through the firewall is properly configured.