Verify Custom Domain for Azure AD | DNS Record Type | Exam AZ-100
Question
You have an Azure Active Directory (Azure AD) tenant named contosocloud.onmicrosoft.com.
Your company has a public DNS zone for contoso.com.
You add contoso.com as a custom domain name to Azure AD.
You need to ensure that Azure can verify the domain name.
Which type of DNS record should you create?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.D
Create the TXT record. App Services uses this record only at configuration time to verify that you own the custom domain. You can delete this TXT record after your custom domain is validated and configured in App Service.
https://docs.microsoft.com/en-us/azure/dns/dns-web-sites-custom-domainThe correct answer is D. TXT.
Explanation: When you add a custom domain name to Azure AD, you need to verify that you own the domain name. To do this, you need to create a TXT record in the DNS zone for your domain that contains a specific verification code provided by Azure AD. Once Azure AD verifies that you own the domain name, you can use it for things like user sign-in and email addresses.
RRSIG (Answer A) is a DNS record used for DNSSEC (Domain Name System Security Extensions) and is used to sign DNS records.
PTR (Answer B) is a DNS record used for reverse DNS lookups, which map an IP address to a domain name.
DNSKEY (Answer C) is a DNS record used for DNSSEC and contains a public key that can be used to verify DNS records that have been signed with RRSIG records.
Therefore, the correct answer is D. TXT, as it is the DNS record type used for domain name verification in Azure AD.
