312-50V10 · Question #827
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
The correct answer is A. DNSSEC. DNSSEC (Domain Name System Security Extensions) is the correct answer. DNSSEC is a suite of IETF specifications that adds cryptographic signatures to DNS records, allowing resolvers to verify that DNS responses are authentic and have not been tampered with. It directly addresses
Question
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
Options
- ADNSSEC
- BResource records
- CResource transfer
- DZone transfer
How the community answered
(21 responses)- A90% (19)
- B5% (1)
- C5% (1)
Explanation
DNSSEC (Domain Name System Security Extensions) is the correct answer. DNSSEC is a suite of IETF specifications that adds cryptographic signatures to DNS records, allowing resolvers to verify that DNS responses are authentic and have not been tampered with. It directly addresses threats like DNS cache poisoning (where attackers inject false records) and DNS spoofing (where responses are forged). The other options are distractors: Resource Records are standard DNS data entries with no security function; 'Resource transfer' is not a real DNS term; Zone Transfer (AXFR/IXFR) is a mechanism for replicating DNS zone data between servers, not a security extension.
Topics
Community Discussion
No community discussion yet for this question.