GIAC

GCIH · Question #280

GCIH Question #280: Real Exam Question with Answer & Explanation

The correct answer is C: DNS poisoning. DNS poisoning is the attack where an attacker injects false DNS records associating domain names with incorrect IP addresses, redirecting victims to malicious servers.

Vulnerability Exploitation & Privilege Escalation

Question

In which of the following attack methods does an attacker distribute an incorrect IP address?

Options

  • A. IP spoofing
  • B. MAC flooding
  • C. DNS poisoning
  • D. Man-in-the-middle

Explanation

DNS poisoning is the attack where an attacker injects false DNS records associating domain names with incorrect IP addresses, redirecting victims to malicious servers.

Common mistakes.

  • A. IP spoofing falsifies the source IP address in packet headers to impersonate another host, but does not distribute incorrect IP-to-domain mappings to resolvers or other systems.
  • B. MAC flooding overwhelms a switch's CAM table with fake MAC addresses to force it into hub mode - it is a Layer 2 attack entirely unrelated to IP address distribution.
  • D. A man-in-the-middle attack intercepts and possibly modifies traffic between two parties but is not specifically defined by distributing incorrect IP addresses to DNS resolvers or clients.

Concept tested. DNS cache poisoning, which distributes incorrect IP addresses

Reference. https://www.cisa.gov/news-events/alerts/2008/07/08/multiple-dns-implementations-vulnerable-cache-poisoning

Topics

DNS poisoning, DNS cache poisoning, IP address spoofing, network attacks
