nerdexam
EC-Council

312-50V10 · Question #827

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

The correct answer is A. DNSSEC. DNSSEC (Domain Name System Security Extensions) is the correct answer. DNSSEC is a suite of IETF specifications that adds cryptographic signatures to DNS records, allowing resolvers to verify that DNS responses are authentic and have not been tampered with. It directly addresses

Footprinting and Reconnaissance

Question

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

Options

  • ADNSSEC
  • BResource records
  • CResource transfer
  • DZone transfer

How the community answered

(21 responses)
  • A
    90% (19)
  • B
    5% (1)
  • C
    5% (1)

Explanation

DNSSEC (Domain Name System Security Extensions) is the correct answer. DNSSEC is a suite of IETF specifications that adds cryptographic signatures to DNS records, allowing resolvers to verify that DNS responses are authentic and have not been tampered with. It directly addresses threats like DNS cache poisoning (where attackers inject false records) and DNS spoofing (where responses are forged). The other options are distractors: Resource Records are standard DNS data entries with no security function; 'Resource transfer' is not a real DNS term; Zone Transfer (AXFR/IXFR) is a mechanism for replicating DNS zone data between servers, not a security extension.

Topics

#DNSSEC#DNS security#DNS poisoning prevention#zone integrity

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice