nerdexam
EC-Council

312-50V10 · Question #143

Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning

The correct answer is B. The use of DNSSEC. DNS Cache Poisoning forges DNS responses to redirect users to malicious sites, and DNSSEC mitigates this by cryptographically signing DNS records to ensure their authenticity.

Hacking Web Servers

Question

Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?

Options

  • AThe use of security agents in clients' computers
  • BThe use of DNSSEC
  • CThe use of double-factor authentication
  • DClient awareness

How the community answered

(27 responses)
  • B
    89% (24)
  • C
    4% (1)
  • D
    7% (2)

Why each option

DNS Cache Poisoning forges DNS responses to redirect users to malicious sites, and DNSSEC mitigates this by cryptographically signing DNS records to ensure their authenticity.

AThe use of security agents in clients' computers

Security agents on client computers operate above the DNS layer and cannot detect or prevent a poisoned DNS response being returned by the resolver before the connection is established.

BThe use of DNSSECCorrect

DNSSEC (Domain Name System Security Extensions) adds digital signatures to DNS records, allowing resolvers to verify that responses are authentic and have not been tampered with. This directly addresses cache poisoning because a forged DNS response will fail signature validation and be rejected by DNSSEC-aware resolvers.

CThe use of double-factor authentication

Double-factor authentication secures user login credentials but has no effect on the DNS resolution process that redirects users before authentication even occurs.

DClient awareness

Client awareness can reduce risk from phishing but cannot technically prevent a DNS resolver from caching and serving a poisoned record to clients.

Concept tested: DNSSEC as mitigation for DNS cache poisoning

Source: https://www.icann.org/resources/pages/dnssec-what-is-it-why-important-2019-03-05-en

Topics

#DNS cache poisoning#DNSSEC#DNS security#mitigation

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice