DNSSEC was designed to add a layer of security to the DNS protocol. Which type of attack was the DNSSEC extension designed to mitigate? A. Account hijacking B. Snooping C. Spoofing D. Data exposure Suggested Answer: C Community Answer: C DNSSEC is an extension to the regular DNS protocol that utilizes digital signing of DNS query results, which can be verified to come from an authoritative source. This verification mitigates the ability for a rogue DNS server to be used to spoof query results and to direct users to malicious sites. DNSSEC provides for the verification of the integrity of DNS queries. It does not provide any protection from snooping or data exposure. Although it may help lessen account hijacking by preventing users from being directed to rogue sites, it cannot by itself eliminate the possibility. This question is in CCSP Certified Cloud Security Professional Exam For getting Certified Cloud Security Professional (CCSP) Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by ISC. Trademarks, certification & product names are used for reference only and belong to ISC. The website does not contain actual questions and answers from ISC's Certification Exams.
Please login or Register to submit your answer
