nerdexam
GIAC

GCIH · Question #760

Based on the nmap data in the screenshot the analyst would choose which IP address for a DNS attack?

The correct answer is C. 10.0.0.1. An analyst selects the DNS attack target by identifying the host with port 53 open in the nmap output, which indicates an active DNS service.

Reconnaissance, Scanning, and Enumeration

Question

Based on the nmap data in the screenshot the analyst would choose which IP address for a DNS attack?

Exhibit

GCIH question #760 exhibit

Options

  • A10.0.0.229
  • B10.0.0.13
  • C10.0.0.1
  • D10.0.0.171

How the community answered

(31 responses)
  • A
    16% (5)
  • B
    3% (1)
  • C
    74% (23)
  • D
    6% (2)

Why each option

An analyst selects the DNS attack target by identifying the host with port 53 open in the nmap output, which indicates an active DNS service.

A10.0.0.229

10.0.0.229 does not have port 53 open in the nmap results and is therefore not running a DNS service.

B10.0.0.13

10.0.0.13 does not show port 53 as open in the scan output and is not an appropriate DNS attack target.

C10.0.0.1Correct

10.0.0.1 is the host shown in the nmap scan with port 53/tcp open, identifying it as the active DNS server in the environment. Targeting this host enables DNS-based attacks such as zone transfers, cache poisoning, or denial-of-service against the DNS service itself.

D10.0.0.171

10.0.0.171 does not have port 53 open in the nmap results and is not identified as a DNS server.

Concept tested: Identifying DNS server target using nmap scan results

Source: https://nmap.org/book/man-port-scanning-basics.html

Topics

#nmap#DNS port 53#target selection#network reconnaissance

Community Discussion

No community discussion yet for this question.

Full GCIH Practice