nerdexam
EC-Council

312-50V13 · Question #39

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

The correct answer is A. DNSSEC. DNSSEC (Domain Name System Security Extensions) is specifically designed as a suite of extensions to DNS that authenticate the origin of DNS data using digital signatures, protecting against DNS poisoning, spoofing, and cache poisoning attacks - making Option A the clear correct

Submitted by lukas.cz· Mar 6, 2026Vulnerability Analysis

Question

is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.

Options

  • ADNSSEC
  • BResource records
  • CResource transfer
  • DZone transfer

How the community answered

(57 responses)
  • A
    88% (50)
  • B
    7% (4)
  • C
    4% (2)
  • D
    2% (1)

Explanation

DNSSEC (Domain Name System Security Extensions) is specifically designed as a suite of extensions to DNS that authenticate the origin of DNS data using digital signatures, protecting against DNS poisoning, spoofing, and cache poisoning attacks - making Option A the clear correct answer.

Option B (Resource records) are incorrect because they are simply data entries within DNS (e.g., A, MX, CNAME records) that store information about domain names - they have no security authentication function on their own. Option C (Resource transfer) is not a standard DNS term and is essentially a distractor. Option D (Zone transfer) refers to the replication of DNS zone data between servers (primary to secondary), which is a DNS administrative function, not a security authentication mechanism.

Memory Tip: Think of DNSSEC as DNS with a security badge - the "SEC" suffix stands for Security Extensions, making it easy to remember that it's the security-focused add-on to standard DNS that verifies data authenticity.

Topics

#DNSSEC#DNS security#DNS poisoning prevention#Spoofing prevention

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice