GIAC
GCIH · Question #517
GCIH Question #517: Real Exam Question with Answer & Explanation
Sign in or unlock GCIH to reveal the answer and full explanation for question #517. The question stem and answer options stay visible for context.
Incident Response & Cyber Kill Chain
Question
A company's external DNS server was used by an attacker in a DDoS attack against a third party. Which of the following configurations should be changed to prevent this from happening again?
Options
- ADisable recursive DNS queries on the server
- BDo not allow TCP to be used for large DNS queries
- CRequire DNSSEC for DNS zone transfers
- DRemove the forward lookup zone on the server
Unlock GCIH to see the answer
You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#DNS amplification#recursive DNS#DDoS prevention#DNS hardening