312-50V13 · Question #39
is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
The correct answer is A. DNSSEC. DNSSEC (Domain Name System Security Extensions) is specifically designed as a suite of extensions to DNS that authenticate the origin of DNS data using digital signatures, protecting against DNS poisoning, spoofing, and cache poisoning attacks - making Option A the clear correct
Question
Options
- ADNSSEC
- BResource records
- CResource transfer
- DZone transfer
How the community answered
(57 responses)- A88% (50)
- B7% (4)
- C4% (2)
- D2% (1)
Explanation
DNSSEC (Domain Name System Security Extensions) is specifically designed as a suite of extensions to DNS that authenticate the origin of DNS data using digital signatures, protecting against DNS poisoning, spoofing, and cache poisoning attacks - making Option A the clear correct answer.
Option B (Resource records) are incorrect because they are simply data entries within DNS (e.g., A, MX, CNAME records) that store information about domain names - they have no security authentication function on their own. Option C (Resource transfer) is not a standard DNS term and is essentially a distractor. Option D (Zone transfer) refers to the replication of DNS zone data between servers (primary to secondary), which is a DNS administrative function, not a security authentication mechanism.
Memory Tip: Think of DNSSEC as DNS with a security badge - the "SEC" suffix stands for Security Extensions, making it easy to remember that it's the security-focused add-on to standard DNS that verifies data authenticity.
Topics
Community Discussion
No community discussion yet for this question.