Configure a Multi-Zone DNS Environment

The “Configure a Multi-Zone DNS Environment” IT Pro Challenge virtual lab will teach you the fundamentals for working with DNS and DNS zones in Windows. You will create a DNS root zone and child zone, and you will learn how these zones communicate. By the end of this lab, you will be able to manage DNS roles between users on your system.

45 minutes
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »


As a network administrator, you will need to know how you configure a Domain Name System (DNS) and DNS best practices. A DNS zone refers to a subspace within the global DNS. Each DNS zone is legally owned and managed by a particular entity, such as a person or business. The total of all DNS zones form the DNS namespace. Understanding DNS configuration and how to manage parent and child zones will be an invaluable skill for your chosen IT career.

Working within the DNS and creating DNS zones for independent users are important skills for IT workers. Using DNS zones gives network administrators many advantages, including:

  • The DNS system is necessary to browse the internet, and provides an easy way for users on your network to access each other's systems.
  • Using DNS removes the need to memorize IP addresses.
  • DNS allows extra options for security over traditional network relationships.
  • DNS servers provide fast connection speeds.

In this guided lab, you will learn both how to create DNS zones and how to manage these DNS zones.

Understand the scenario: You are a network administrator. You need to configure DNS in a network that contains three subnets connected by a router.

Understand the environment: You have three subnets that are connected by a router.

Deploy a DNS child zone:

To begin this hands-on lab, you will start by working with three different user accounts to set up a 3-user DNS network. You will start by setting up the primary DNS, then creating a DNS child zone. In this step, you will learn how to work with DNS services and understand how to configure roles and data sharing between DNS zones. In this step, you will:

  • Launch a Windows virtual machine and log in as administrator.
  • Verify the existing DNS zone properties.
  • Switch accounts and configure the primary DNS and install DNS roles.
  • Create a child zone with forwarders to the other user accounts.
  • Verify the forwarding.
  • Create a delegation record that refers to the child zone.
  • Enable device sharing between zones.
  • Create security measures for the DNS zones.

Managing DNS zones:

For the second step of this lab, you will learn how to manage some of the more advanced features of a DNS. Once you create your DNS parent and child zone, you will need to understand how to manage communication and data flow within your DNS. This step will teach you some basic skills in DNS zone management. In this section, you will:

  • Create an alias record on the parent DNS zone.
  • Verify access between the parent and child zones.
  • Create a reverse lookup and pointers for the DNS zones.
  • Configure aging and scavenging for all DNS zones.


Working within the DNS is a critical skill for a network administrator to master. A well-managed DNS gives your users many benefits, such as fast communication between users, simplified data sharing, faster internet access, and heightened security. In this lab, you were introduced to many of the basic skills necessary to create and manage a DNS. By the end of this hands-on lab, you will have:

  • Created a child zone that forwards to the parent zone.
  • Created a delegation record that refers to the child zone.
  • Created an alias record and pointer records in a reverse lookup zone.
  • Enabled DNS aging and scavenging.

Other Challenges in this series

  • GUIDED CHALLENGE: Configure a DHCP Relay Agent
  • GUIDED CHALLENGE: Establish IPv6 Connectivity
  • GUIDED CHALLENGE: Administer an IPAM Environment
  • ADVANCED CHALLENGE: Can You Configure a Multi-Subnet Environment?