Private zones is currently in preview, and in a nutshell, it does the common tasks that any DNS zone can do, but in a more customized way. So, you can assign the private DNS zone to a virtual network. As a result, you can do whatever you want to do within this virtual network with a DNS only associated with it, and you do not get the information within this virtual network exposed externally. Private DNS zones support most of the common DNS records.
To use private DNS zones, you need to send your subscription details to AzureDNS-PrivateZone@microsoft.com, since it is available in preview currently.
Also, creating private DNS zones and configuring DNS zones at the time of writing is only supported via PowerShell.