Exam GCIH All QuestionsBrowse all questions from this exam
Go to Exam
Question 27

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with many requests. Which of the following tools can an attacker use to perform a DNS zone transfer?

Each correct answer represents a complete solution. (Choose all that apply.)

    Correct Answer: A, B, D

    In the context of DNS zone transfer enumeration, the tools 'Host', 'Dig', and 'NSLookup' are all capable of performing DNS zone transfers. The 'Host' command can be used to make DNS queries and can attempt zone transfers by specifying certain options. 'Dig' is a flexible DNS querying tool and is widely used for performing zone transfers as well. 'NSLookup' also allows for DNS queries and can be used to attempt zone transfers when used in interactive mode. Therefore, these three tools represent complete solutions for performing DNS zone transfers.

Discussion
anonyuser

someone tell me what host is

tp9222

host command is primarily used to perform DNS lookups, such as resolving domain names to IP addresses or vice versa. While it can be used to query DNS servers, it typically does not support DNS zone transfer functionality directly. Therefore, it is less commonly used for conducting DNS zone transfers compared to tools like Dig and NSLookup, which are specifically designed for such tasks.