Master DNS vocabulary: record types (A, AAAA, CNAME, MX, TXT, NS, SRV), TTL, DNS propagation, authoritative vs. recursive resolvers, and DNSSEC.
1 / 5
What is the difference between an authoritative DNS server and a recursive resolver?
Authoritative servers are the source of truth for a DNS zone — they return definitive answers. Recursive resolvers (like 8.8.8.8) walk the DNS hierarchy on a client's behalf, caching results to speed up future lookups.
2 / 5
A CNAME record in DNS is used to:
CNAME (Canonical Name) creates an alias — e.g., www.example.com → example.com. All record types are then looked up against the canonical name. CNAMEs cannot coexist with other record types at the same node (the 'CNAME at apex' problem).
3 / 5
TTL (Time To Live) on a DNS record controls:
TTL is measured in seconds. A low TTL (e.g., 60s) means changes propagate quickly but generate more query load. A high TTL (e.g., 86400s = 1 day) reduces load but slows propagation, so it is important to lower the TTL before planned DNS changes.
4 / 5
DNSSEC protects DNS by:
DNSSEC uses public-key cryptography to sign zone data. Resolvers validate the chain of trust from the root zone down to the record. DNSSEC prevents cache poisoning attacks (such as the Kaminsky attack) but does not encrypt queries — that is the role of DNS over HTTPS (DoH) or DNS over TLS (DoT).
5 / 5
An SRV record in DNS is primarily used to:
SRV records encode the protocol, service name, priority, weight, port, and target hostname — for example, _sip._tcp.example.com. They are used by SIP, XMPP, Kubernetes service discovery, and other protocols so clients can find service endpoints dynamically.