312-50V10 · Question #459
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gains Now wh
The correct answer is C. DNS spoofing. DNS spoofing involves corrupting DNS resolution so that domain name queries return a fraudulent IP address, redirecting users to an attacker-controlled machine.
Question
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gains Now when the employees of the office want to go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?
Options
- AARP Poisoning
- BSmurf Attack
- CDNS spoofing
- DMAC Flooding
How the community answered
(32 responses)- A3% (1)
- B3% (1)
- C94% (30)
Why each option
DNS spoofing involves corrupting DNS resolution so that domain name queries return a fraudulent IP address, redirecting users to an attacker-controlled machine.
ARP poisoning manipulates Layer 2 ARP tables to associate an attacker's MAC address with a legitimate IP, used for local LAN traffic interception rather than DNS-based redirection.
A Smurf attack is a DDoS technique that uses ICMP echo requests with a spoofed source IP to flood a victim with traffic, unrelated to traffic redirection.
DNS spoofing, also known as DNS cache poisoning, occurs when an attacker compromises or poisons a DNS server to return a malicious IP address in response to legitimate domain queries. In this scenario, the attacker gained control of the DNS server, causing employees' requests for google.com to resolve to the attacker's machine instead of the legitimate destination.
MAC flooding overwhelms a switch's MAC address table to force it into hub mode for local traffic sniffing, not for redirecting users to an attacker's machine.
Concept tested: DNS spoofing and DNS-based traffic redirection attacks
Source: https://www.cisa.gov/news-events/alerts/2019/01/16/dns-infrastructure-tampering
Topics
Community Discussion
No community discussion yet for this question.