Joe, a system administrator, receives reports that users attempting to reach the corporate website are arriving
at an unfamiliar website instead. An investigation by a forensic analyst found that the name server log has
several corporate IP addresses that were changed using Joe’s credentials.
Which of the following is this attack called?
Web server attack
One Comment on “Which of the following is this attack called?”
Sigh…another one of “those” questions.
What on earth is a “name server log” supposed to be?? This is not something associated with DNS; rather it is associated with a technology called “Web speed”
Yet it gives us a hint. The NetBIOS names of the servers have their IP addresses changed to something else. This is managed by DNS; hence a DNS poisoning is the only possible answer