nerdexam
EC-Council

312-50V10 · Question #459

An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gains Now wh

The correct answer is C. DNS spoofing. DNS spoofing involves corrupting DNS resolution so that domain name queries return a fraudulent IP address, redirecting users to an attacker-controlled machine.

Sniffing

Question

An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gains Now when the employees of the office want to go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?

Options

  • AARP Poisoning
  • BSmurf Attack
  • CDNS spoofing
  • DMAC Flooding

How the community answered

(32 responses)
  • A
    3% (1)
  • B
    3% (1)
  • C
    94% (30)

Why each option

DNS spoofing involves corrupting DNS resolution so that domain name queries return a fraudulent IP address, redirecting users to an attacker-controlled machine.

AARP Poisoning

ARP poisoning manipulates Layer 2 ARP tables to associate an attacker's MAC address with a legitimate IP, used for local LAN traffic interception rather than DNS-based redirection.

BSmurf Attack

A Smurf attack is a DDoS technique that uses ICMP echo requests with a spoofed source IP to flood a victim with traffic, unrelated to traffic redirection.

CDNS spoofingCorrect

DNS spoofing, also known as DNS cache poisoning, occurs when an attacker compromises or poisons a DNS server to return a malicious IP address in response to legitimate domain queries. In this scenario, the attacker gained control of the DNS server, causing employees' requests for google.com to resolve to the attacker's machine instead of the legitimate destination.

DMAC Flooding

MAC flooding overwhelms a switch's MAC address table to force it into hub mode for local traffic sniffing, not for redirecting users to an attacker's machine.

Concept tested: DNS spoofing and DNS-based traffic redirection attacks

Source: https://www.cisa.gov/news-events/alerts/2019/01/16/dns-infrastructure-tampering

Topics

#DNS spoofing#traffic redirection#DNS poisoning#network attack

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice