PT0-002 · Question #571
PT0-002 Question #571: Real Exam Question with Answer & Explanation
The correct answer is D: VPN users make use of internal DNS servers. The difference in responses indicates that when the penetration tester is connected to the VPN, the DNS resolution is handled by the organization's internal DNS servers, which resolve ftp.example.com to an internal IP address (10.0.10.23). When connected to the home internet prov
Question
A penetration tester is performing an assessment of a file server that the customer uses to exchange reports and other documents with business partners. The penetration tester executes the following command while connected to the organization's VPN: Next, the penetration tester executes the following command while connected to the home internet provider: Which of the following is the most likely reason for the difference in the two responses?
Options
- AInternal requests to the server require single sign-on
- BAn Apache web proxy server is being used
- CA WAF is blocking some requests
- DVPN users make use of internal DNS servers
Explanation
The difference in responses indicates that when the penetration tester is connected to the VPN, the DNS resolution is handled by the organization's internal DNS servers, which resolve ftp.example.com to an internal IP address (10.0.10.23). When connected to the home internet provider, the DNS resolution is handled by an external DNS server (dns9.quad9.net), which resolves ftp.example.com to an external/public IP address (142.250.31.113). This behavior is typical in corporate environments where VPN connections route DNS requests to internal DNS servers to access internal resources securely. External DNS servers, such as Quad9, would not have knowledge of the internal network setup, so they resolve to a public-
Topics
Community Discussion
No community discussion yet for this question.