GIAC
GPEN · Question #83
GPEN Question #83: Real Exam Question with Answer & Explanation
The correct answer is A. NSLookup B. Host D. Dig. NSLookup, Host, and Dig are standard DNS utilities that can request zone transfers (AXFR queries) from authoritative DNS servers; DSniff is a credential-sniffing tool unrelated to zone transfers.
Question
In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests. Which of the following tools can an attacker use to perform a DNS zone transfer? Each correct answer represents a complete solution. Choose all that apply.
Options
- ANSLookup
- BHost
- CDSniff
- DDig
Explanation
NSLookup, Host, and Dig are standard DNS utilities that can request zone transfers (AXFR queries) from authoritative DNS servers; DSniff is a credential-sniffing tool unrelated to zone transfers.
Common mistakes.
- C. DSniff is a network packet sniffing and credential harvesting toolkit designed to passively capture passwords and sensitive data from network traffic; it has no DNS zone transfer capability.
Concept tested. DNS zone transfer enumeration using AXFR queries
Community Discussion
No community discussion yet for this question.