312-50V11 · Question #232
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gain when th
The correct answer is C. DNS spoofing. DNS spoofing redirects users to attacker-controlled machines by returning fraudulent DNS responses, causing legitimate domain names to resolve to malicious IP addresses.
Question
An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gain when the employees of the office wants to go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?
Options
- AMAC Flooding
- BSmurf Attack
- CDNS spoofing
- DARP Polsoning
How the community answered
(52 responses)- A8% (4)
- B2% (1)
- C87% (45)
- D4% (2)
Why each option
DNS spoofing redirects users to attacker-controlled machines by returning fraudulent DNS responses, causing legitimate domain names to resolve to malicious IP addresses.
MAC Flooding is a Layer 2 attack that overwhelms a switch's CAM table to force promiscuous forwarding of frames - it does not manipulate DNS resolution or redirect domain-based traffic.
A Smurf Attack is a volumetric DDoS amplification attack that uses spoofed ICMP echo requests to broadcast addresses - it is not a traffic redirection or name-resolution attack.
DNS spoofing, also known as DNS cache poisoning, involves an attacker injecting forged DNS records so that queries for legitimate domains like google.com resolve to the attacker's IP address instead of the real server. Because the office uses its own DNS server, the attacker can target that server to poison its cache, redirecting all clients that query it. This results in transparent traffic interception without any indication to the user that they have been redirected.
ARP Poisoning corrupts Layer 2 ARP caches to redirect traffic between hosts on the same LAN segment - the scenario describes redirection based on domain name resolution, which is a DNS-layer attack.
Concept tested: DNS spoofing and cache poisoning for traffic redirection
Source: https://learn.microsoft.com/en-us/windows-server/networking/dns/dns-top
Topics
Community Discussion
No community discussion yet for this question.