312-50V13 · Question #582
312-50V13 Question #582: Real Exam Question with Answer & Explanation
The correct answer is C: dnsrecon -r 162.241.216.0/24 -n nsl.example.com -t std. The dnsrecon -t std command is most effective for performing reverse DNS lookups and enumerating nameserver and MX records for a given IP range.
Question
As a Certified Ethical Hacker, you are conducting a footprinting and reconnaissance operation against a target organization. You discover a range of IP addresses associated with the target using the SecurityTrails tool. Now, you need to perform a reverse DNS lookup on these IP addresses to find the associated domain names, as well as determine the nameservers and mail exchange (MX) records. Which of the following DNSRecon commands would be most effective for this purpose?
Options
- Adnsrecon -r 192.168.1.0/24 -n nsl.example.com -t axfr
- Bdnsrecon -r 10.0.0.0/24 -n nsl.example.com -t zonewalk
- Cdnsrecon -r 162.241.216.0/24 -n nsl.example.com -t std
- Ddnsrecon -r 162.241.216.0/24 -d example.com -t brt
Explanation
The dnsrecon -t std command is most effective for performing reverse DNS lookups and enumerating nameserver and MX records for a given IP range.
Common mistakes.
- A.
192.168.1.0/24is a private IP range, making it unsuitable for public target reconnaissance, and theaxfrtype is for zone transfers, not general enumeration of multiple record types. - B.
10.0.0.0/24is also a private IP range, and whilezonewalkattempts to discover hosts, it might not comprehensively cover all the requested record types as efficiently asstdfor broad information gathering. - D. The
-d example.comflag specifies the target domain for brute-forcing subdomains (-t brt), which is not the correct approach for performing reverse DNS lookups on an IP range.
Concept tested. DNSRecon command line usage for reconnaissance
Topics
Community Discussion
No community discussion yet for this question.