Forest Trust: When you configure a forest trust, one Active Directory forest trusts the other one. Forest trusts are transitive. When you configure a forest trust, you can allow any domain in the trusting forest to be accessible to any security principal in the trusted forest. Forest trusts require that each forest be configured to run at the Windows Server 2003 forest functional level or higher. Forest trusts can be bidirectional or unidirectional. You are most likely to configure forest trusts if your organisation has two or more Active Directory forests. You can configure one of two authentications scopes when you configure a forest trust. The type of authentication scope that you configure depends on your security requirements. The options are: Forest-wide authentication: When you choose forest-wide authentication, users from the trusted forest are automatically authenticated for all resources in the local forest. You should use this option when both the trusted and trusting forests are part of the same organisation. Selective authentication: When you configure this option, Windows does not automatically authenticate users from the trusted forest. You can then configure specific servers and domains within the forest to allow users from the trusted forest to authenticate. Use this option when the two forests are from different organisations, or you have more stringent security requirements. External trusts enable you to configure one domain in one forest to trust a domain in another forest without enabling a transitive trust. For example, you configure an external trust if you want to allow the auckland.fabrikam.com domain to have a trust relationship with the wellington.adatum.com domain without allowing any other domains in the fabrikam.com or adatum.com forests to have a security relationship with one another. Realm Trust: You use a realm trust to create a relationship between an Active Directory Services domain and a Kerberos V5 realm that uses a third-party directory service. Realm trusts can be transitive or nontransitive. They can also be unidirectional or bidirectional. You’re most likely to configure a realm trust when you need to allow users who use a UNIX directory service to access resources in an Active Directory domain or users in an Active Directory domain to access resources in a UNIX Kerberos V5 realm.

A record or Host record is a type of DNS Record used to store Host name to IP mapping. It contains hostname and corresponding IP information. A record is usually used for IP Version 4 system. For IP Version 6 this record is known as "AAAA" Record. Each "A" denotes a 32 bit binary number. MX Record or Mail Exchange record is also a type of DNS record which stores the Mail Server details. It is used to map the IP address of a Mail Exchange server. Eg: mail1.tphrc.in --> 103.85.64.29 mail2.tphrc.in --> 103.85.64.30

Enterprise Admin Group: 1. Members of this group have complete control of all domains in the forest 2. By default, this group belongs to the administrators group on all domain controllers in the forest 3. As such this group has full control of the forest, add users with caution Domain Admin Group 1. Members of this group have complete control of the domain 2. By default, this group is a member of the administrators group on all domain controllers, workstations and member servers at the time they are linked to the domain 3. As such the group has full control in the domain, add users with caution

Definitely!! It would be a good learning curve for QA's to participate in resolving production issues. Many a time production issues could be resolved by clearing the logs or making some registry settings or by restarting the services. These kinds of environmental issues could be very well fixed by the QA team. Also If QAs have an insight on resolving the production issues, they may also include them while writing the test cases, and this way they can contribute to improve quality and try to minimize the production defects.