When an organization splits naming zones, the names of its hosts that are only accessible from an intranet are hidden from the Internet. Which of the following best describes why this is done?

A.
To prevent attackers from accessing servers

B.
To prevent the manipulation of the hosts file

C.
To avoid providing attackers with valuable information that can be used to prepare an attack

D.
To avoid providing attackers with information needed for cybersquatting

Explanation:
C: Many companies have their own internal DNS servers to resolve their internal hostnames. These companies usually also use the DNS servers at their ISPs to resolve
hostnames on the Internet. An internal DNS server can be used to resolve hostnames on the entire network, but usually more than one DNS server is used so that the load can
be split up and so that redundancy and fault tolerance are in place. Within DNS servers, networks are split into zones. One zone may contain all hostnames for the marketing
and accounting departments, and another zone may contain hostnames for the administration, research, and legal departments. It is a good idea to split DNS zones when
possible so that the names of hosts that are accessible only from an intranet are not visible from the Internet. This information is valuable to an attacker who is planning an attack
because it can lead to other information, such as the network structure, organizational structure, or server operating systems.
A is incorrect because this is not the best answer for this question. Naming zones are split up so that attackers cannot learn information about internal systems, such as
names, IP addresses, functions, and so on. One of the secondary attacks after exploiting a DNS server could be accessing a server in an unauthorized manner, but ensuring
unauthorized access just to servers is not the main reason to split DNS zones.
B is incorrect because splitting naming zones has to do with how DNS servers are set up to resolve hostnames, not manipulate the hosts file. The hosts file can be
manipulated for a number of reasons, both for good and bad. The hosts file always maps the hostname localhost to the IP address 127.0.0.1 (this is the loopback network
interface, which is defined in RFC 3330), as well as other hosts. Some viruses add invalid IP addresses of antivirus vendors to the hosts file to avoid detection. By adding
frequently visited IP addresses to the hosts file, you can increase the speed of Web browsing. You can also block spyware and ad networks by adding lists of spyware and ad
network sites to the hosts file and mapping them to the loopback network interface. This way, these sites always point back to the user’s machine and the sites cannot be
reached.
D is incorrect because hackers do not need information on a DNS server to carry out cybersquatting. Cybersquatting occurs when an attacker purchases a well-known brand
or company name, or variation thereof, as a domain name with the goal of selling it to the rightful owner. In the meantime, the company can be misrepresented to the public. The
only way an organization can avoid cybersquatting is by registering adjacent domains and variations on the domain, or by trademark litigation.