
DNS Records for CompTIA Network+ N10-009

DNS (Domain Name System) record types are directly tested on CompTIA Network+ N10-009. You must recognize what each record type does, when it is used, and how DNS troubleshooting relates to each type. Network+ tests DNS at a conceptual and operational level — not configuration syntax — with questions about record purposes, TTL, forward and reverse lookups, and common DNS failure scenarios.


Core DNS Record Types

A record (Address record): maps a hostname to an IPv4 address. This is the most fundamental DNS record — when you type google.com, a DNS A record returns the IPv4 address. AAAA record: maps a hostname to an IPv6 address (four times the bits of an A record — hence four A's).

CNAME (Canonical Name) record: creates an alias from one name to another. www.example.com can be a CNAME pointing to example.com. The client follows the CNAME chain until reaching an A or AAAA record. CNAMEs cannot point to IP addresses directly, and cannot be used at the zone apex (the root domain itself), because a CNAME cannot coexist with the other records that must exist at that name.

MX (Mail Exchanger) record: specifies the mail server responsible for accepting email for a domain. Multiple MX records can exist with priority values — lower priority number = higher preference. When someone sends email to user@example.com, the sending server queries MX records to find where to deliver it.
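The CNAME chain and MX preference rules above, worked through as an added example (not part of the original study guide). The zone contents, the MAX_CHAIN limit and the function names are constructed for illustration; no real DNS queries are made.

```python
# Constructed sample zone data (not real records): name -> list of (type, value).
ZONE = {
    "example.com.": [("A", "192.0.2.10"),
                     ("MX", (20, "backup-mx.example.com.")),
                     ("MX", (10, "mail.example.com."))],
    "www.example.com.": [("CNAME", "web.example.com.")],
    "web.example.com.": [("CNAME", "example.com.")],
    "mail.example.com.": [("A", "192.0.2.25")],
    "backup-mx.example.com.": [("A", "192.0.2.26")],
    "loop-a.example.com.": [("CNAME", "loop-b.example.com.")],
    "loop-b.example.com.": [("CNAME", "loop-a.example.com.")],
}

MAX_CHAIN = 8  # assumption: resolvers cap chain length; the exact limit varies


def resolve_a(name, zone=ZONE):
    """Follow CNAMEs from name until A records are found.

    Returns (chain, addresses); raises ValueError on a loop or over-long chain.
    """
    chain, seen = [name], {name}
    while True:
        records = zone.get(name, [])
        addrs = [v for t, v in records if t == "A"]
        if addrs:
            return chain, addrs
        targets = [v for t, v in records if t == "CNAME"]
        if not targets:
            return chain, []      # no such name, or name without A data
        name = targets[0]         # a name may hold only one CNAME
        if name in seen or len(chain) >= MAX_CHAIN:
            raise ValueError("CNAME loop or chain too long: "
                             + " -> ".join(chain + [name]))
        seen.add(name)
        chain.append(name)


def mail_targets(domain, zone=ZONE):
    """Return MX hosts in delivery order (lowest preference number first),
    each with the A records a sending server would connect to."""
    mx = sorted(v for t, v in zone.get(domain, []) if t == "MX")
    return [(pref, host, resolve_a(host, zone)[1]) for pref, host in mx]
```

A misconfigured alias that points back at itself is a common cause of resolution failures, which is why the chain walk tracks the names it has already visited.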

PTR (Pointer) record: the reverse of an A record — maps an IP address to a hostname. Used for reverse DNS lookups (IP→hostname). PTR records live in the in-addr.arpa zone for IPv4 (or ip6.arpa for IPv6). Used by mail servers to verify sender legitimacy and in security tools.
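How a PTR query name is built, and how a mail server can use it to check a connecting sender, shown as an added example (not part of the original study guide). It performs a forward-confirmed reverse DNS check, a common form of the sender verification mentioned above; the zone data and function names are constructed, and lookups are simulated with dictionaries.

```python
import ipaddress

# Constructed sample data: a reverse zone (PTR) and a forward zone (A/AAAA).
PTR_ZONE = {
    "25.2.0.192.in-addr.arpa": "mail.example.com.",
    # This PTR claims a hostname whose forward records do not list the IP.
    "77.113.0.203.in-addr.arpa": "mail.example.com.",
}
FORWARD_ZONE = {
    "mail.example.com.": ["192.0.2.25", "2001:db8::25"],
}


def reverse_name(ip):
    """Build the PTR query name: reversed octets under in-addr.arpa for IPv4,
    reversed hex nibbles under ip6.arpa for IPv6."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")   # 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def fcrdns(ip, ptr_zone=PTR_ZONE, forward_zone=FORWARD_ZONE):
    """Forward-confirmed reverse DNS.

    Step 1: PTR lookup of the IP gives a hostname.
    Step 2: that hostname's address records must include the same IP.
    Returns (verdict, hostname).
    """
    host = ptr_zone.get(reverse_name(ip))
    if host is None:
        return "no-ptr", None
    addr = ipaddress.ip_address(ip)
    forward = {ipaddress.ip_address(a) for a in forward_zone.get(host, [])}
    return ("confirmed" if addr in forward else "mismatch"), host
```

The forward step matters because whoever controls the reverse zone for an IP block can put any hostname in a PTR record; only the owner of the hostname's zone can make the forward lookup agree.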

NS (Name Server) record: identifies the authoritative name servers for a domain. Every domain must have at least two NS records for redundancy. SOA (Start of Authority) record: contains administrative information about the zone — primary name server, responsible person email, serial number, refresh/retry/expire timers, and minimum TTL.

Additional Record Types

TXT (Text) record: stores arbitrary text data. Modern uses: SPF (Sender Policy Framework) to prevent email spoofing, DKIM (DomainKeys Identified Mail) public keys, DMARC policies, and domain ownership verification for services like Google Workspace. SPF records in TXT format specify which servers are authorized to send email for a domain.
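How a receiving mail server decides whether a sending IP is authorized by an SPF record, as an added example (not part of the original study guide). It evaluates only the ip4, ip6 and all mechanisms; mechanisms that need further DNS queries (include, a, mx, exists, redirect) are skipped, so a policy that relies on them is not fully evaluated here. The TXT values and function names are constructed.

```python
import ipaddress

# Constructed sample TXT record values for one domain (not real records).
TXT_RECORDS = [
    "google-site-verification=EXAMPLE-PLACEHOLDER",
    "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.7 ip6:2001:db8::/32 -all",
]

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def find_spf(txt_records):
    """Return the single SPF policy among a domain's TXT records, or None."""
    spf = [r for r in txt_records
           if r.lower() == "v=spf1" or r.lower().startswith("v=spf1 ")]
    if len(spf) > 1:
        raise ValueError("multiple SPF records: receivers treat this as an error")
    return spf[0] if spf else None


def check_sender(ip, txt_records=TXT_RECORDS):
    """Evaluate mechanisms left to right; the first one that matches decides."""
    policy = find_spf(txt_records)
    if policy is None:
        return "none"
    sender = ipaddress.ip_address(ip)
    for term in policy.split()[1:]:
        qualifier = "+"                      # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech == "all":
            return QUALIFIERS[qualifier]
        if mech in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if sender.version == net.version and sender in net:
                return QUALIFIERS[qualifier]
        # include, a, mx, exists, redirect: need DNS lookups, not handled here
    return "neutral"                         # nothing matched and no "all" term
```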

SRV (Service) record: specifies the location of services using a structured format including hostname, port, protocol, priority, and weight. Used by VoIP (SIP), Microsoft Active Directory (locating domain controllers), and other services that need to advertise their location in DNS.

TTL (Time to Live): controls how long DNS responses are cached by resolvers and clients. Short TTL = more DNS queries but faster propagation of changes. Long TTL = fewer queries but slower change propagation. During planned changes (migration, IP change), reduce TTL hours before the change to minimize caching delays.

DNS Hierarchy and Resolution

DNS resolution process: the client checks its local cache, then queries its local DNS resolver (ISP or corporate DNS server). If the resolver has no cached answer, it queries the root nameservers, then the TLD nameservers (e.g., .com, .org), then the authoritative nameserver for the domain, which returns the record. This iterative process is transparent to users.

Recursive resolver: the DNS server (typically your ISP or Google 8.8.8.8) that does the full lookup on your behalf and caches results. Authoritative nameserver: the server that holds the actual DNS records for a zone — the final answer. Forwarder: a DNS server that forwards queries it cannot answer to another DNS server rather than querying root servers directly.

DNS Record Types Quick Reference

Record | Purpose                | Maps
A      | IPv4 address mapping   | Hostname → IPv4
AAAA   | IPv6 address mapping   | Hostname → IPv6
CNAME  | Alias                  | Name → Another name
MX     | Mail server            | Domain → Mail server hostname
PTR    | Reverse lookup         | IP address → Hostname
NS     | Name server            | Domain → Authoritative DNS server
TXT    | Text data / SPF / DKIM | Domain → Text string
SOA    | Zone authority         | Zone → Administrative info
SRV    | Service location       | Service → Host + port

Key exam facts — Network+

  • A record = hostname to IPv4; AAAA = hostname to IPv6
  • CNAME = alias pointing to another name (not an IP address)
  • MX records identify mail servers; lower priority number = preferred
  • PTR = reverse lookup (IP to hostname); lives in in-addr.arpa zone
  • TXT records carry SPF, DKIM, DMARC, and domain verification data
  • TTL controls cache duration — reduce before planned IP changes
  • Recursive resolver does the full lookup; authoritative nameserver holds the actual records

Common exam traps

Trap: CNAME records can point directly to IP addresses.
Correct: CNAME records must point to another hostname (which eventually resolves to an IP via an A/AAAA record) — they cannot contain IP addresses directly.

Trap: There can only be one MX record per domain.
Correct: Multiple MX records are normal and recommended for redundancy. The priority value determines preference — the lowest number is tried first.

Trap: PTR records are automatically created when A records are added.
Correct: PTR records in the reverse DNS zone must be created separately. They are often managed by the ISP or cloud provider that owns the IP address block.

Practice questions — DNS Records

These questions are representative of what you will see on Network+ exams. The correct answer and explanation are shown immediately below each question.

Q1. A mail server administrator reports that incoming email from their domain is being rejected by recipients as potential spam. After investigation, the sending IP address does not match the domain's DNS records. Which DNS record type should be checked and corrected?

A. A record
B. MX record
C. SPF record (TXT)
D. CNAME record

Explanation: SPF (Sender Policy Framework) is stored in a DNS TXT record and specifies which IP addresses are authorized to send email for a domain. If the sending server's IP is not listed in the SPF record, receiving mail servers may reject or flag the email as spam. An A record maps names to IPs; MX records identify inbound mail servers; CNAME creates aliases.

Q2. A network technician needs to verify which mail server handles email for the domain example.com. Which DNS record type contains this information?

A. A
B. PTR
C. MX
D. NS

Explanation: MX (Mail Exchanger) records identify the mail servers responsible for accepting email for a domain. The technician would query: nslookup -type=MX example.com or dig MX example.com. A records map hostnames to IPs; PTR records are for reverse lookups; NS records identify name servers.

Frequently asked questions — DNS Records

What tools can I use to look up DNS records?

nslookup: built into Windows and Linux — nslookup -type=MX example.com. dig: powerful Linux/macOS DNS tool — dig MX example.com. host: simple Linux tool — host -t MX example.com. Online: dnschecker.org, mxtoolbox.com. For reverse lookup: nslookup 8.8.8.8 or dig -x 8.8.8.8.

What is DNS poisoning and how does DNSSEC prevent it?

DNS poisoning (cache poisoning) injects false DNS records into a resolver's cache, causing clients to be directed to malicious IPs. DNSSEC (DNS Security Extensions) adds digital signatures to DNS records, allowing resolvers to cryptographically verify that records are authentic and unmodified. DNSSEC does not encrypt DNS traffic — it only provides integrity verification.
