DNS Security Extension (DNSSEC) adds security functionality to the Domain Name System for which three purposes? (Choose three)
A.
Origin authentication of DNS data
B.
Protection against denial of service (DoS) attacks
C.
Integrated data encryption using ESP
D.
Inclusion of the authorization flag in the DNS lookup
E.
Providing of confidentiality of data
F.
Data integrity
But
http://www.cisco.com/web/about/security/intelligence/dns-bcp.html#1
DNS Header Flag Filtering
DNS cache poisoning attacks use DNS open resolvers when attempting to corrupt the DNS cache of vulnerable resolvers. The DNS messages sent to open resolvers set the recursion desired (RD) flag in the DNS header. Utilizing the DNS application inspection flag filtering feature, these attacks can be minimized by dropping DNS messages with the RD flag present in the DNS header.
no any “the authorization flag in the DNS lookup
“
0
0
The correct answer should be A B F
0
0