Which of the following should be implemented to stop an attacker from mapping out addresses
and/or devices on a network?
A.
Single sign on
B.
IPv6
C.
Secure zone transfers
D.
VoIP
Explanation:
C: A primary DNS server has the “master copy” of a zone, and secondary DNS servers keep
copies of the zone for redundancy. When changes are made to zone data on the primary DNS
server, these changes must be distributed to the secondary DNS servers for the zone. This is
done through zone transfers. If you allow zone transfers to any server, all the resource records in
the zone are viewable by any host that can contact your DNS server. Thus you will need to secure
the zone transfers to stop an attacker from mapping out your addresses and devices on your
network.
First, for a process of elimination:
A- “Single sign on” does not achieve this. It actually makes it easier.
B – IPv6 does not achieve this. It is just a protocol. Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet.
D Voice Over IP is a Voice Protocol and does not achieve this
We have so far eliminated 3 out of 4 questions, leaving just one: The Correct answer.
C: A primary DNS server has the “master copy” of a zone, and secondary DNS servers keep copies of the zone for redundancy. When changes are made to zone data on the primary DNS server, these changes must be distributed to the secondary DNS servers for the zone. This is done through zone transfers. If you allow zone transfers to any server, all the resource records in the zone are viewable by any host that can contact your DNS server. Thus you will need to secure the zone transfers to stop an attacker from mapping out your addresses and devices on your network.
0
0