A. Server 2008 R2 introduces support for DNSSEC, which allows the use of keys to ensure the integrity and source of DNS data. The TrustAnchors zone stores preconfigured public keys that are associated with a specific zone. You can view and modify these preconfigured keys by selecting Properties of the DNS server within the DNS MMC snap-in and selecting the Trust Anchors tab.

By default, the TrustAnchors zone won't exist, so if you have the zone it means someone has enabled DNSSEC in your environment and may have configured some trust anchors. So check the content and make sure it's valid.

Related Reading:



Check out hundreds more useful Q&As like this in John Savill's FAQ for Windows. Also, watch instructional videos made by John at ITTV.net.