PrepAway - Latest Free Exam Questions & Answers

One Comment on “Which of the following firewall rules only denies DNS zone transfers?

  1. Tony says:

    Whilst this is the answer the exam wants, TCP 53 is also used for lookups above a certain size, which can be an issue when using DNSSec. The other consideration, is that zone transfers are more typically restricted to known hosts, and can be configured to use ports other than 53.
    So, denying TCP 53 will not necessarily prevent zone transfers, and will not necessarily only prevent zone transfers.




    0



    0

Leave a Reply