practice question error?

SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
found a possible error in the 34 question test (Which I like by the way!)

21. What is the term used to describe the type of attack where a DNS server accepts and uses incorrect information from a host that does not have authority to supply that information?

a. DNS cache corruption
b. DNS cache poisoning
c. DNS caching
d. DNS spoofing
e. Name server smurf
f. Name server teardrop

Now my thought was that is was DNS Poisoning, the answer for the test was DNS Spoofing.

Now, I think I understand that:

[FONT=Arial, Helvetica, sans-serif]DNS Spoofing is the art of making a DNS entry to point to an another IP than it would
be supposed to point to.
[/FONT]

whereas DNS poisoning is:

DNS cache poisoning is a maliciously created or unintended situation that provides data to a caching name server that did not originate from authoritative Domain Name System (DNS) sources.

Now it would appear that spoofing would be required to achieve a DNS poison, you would have to spoof as a DNS server with an updated CNS cache, however, isn't the act poisoning, rather than spoofing?

Comments

  • slothropslothrop Member Posts: 11 ■□□□□□□□□□
    I agree with SephStorm. I do not think DNS Spoofing is correct.
    My craft beer reviews at TheBarleyWhine.Com
  • joshmadakorjoshmadakor Member Posts: 495 ■■■■□□□□□□
    I got that one wrong too...
    WGU B.S. Information Technology (Completed January 2013)
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    What if the DNS server wasn't caching anything?
  • gatewaygateway Member Posts: 232
    dynamik wrote: »
    What if the DNS server wasn't caching anything?

    Good point. Since there is no reference in the question to whether the server is caching or not, should we assume it is not and that spoofing is the correct answer?
    Blogging my AWS studies here! http://www.itstudynotes.uk/aws-csa
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    gateway wrote: »
    Good point. Since there is no reference in the question to whether the server is caching or not, should we assume it is not and that spoofing is the correct answer?

    It's a vague question; I was just trying to get you to think.

    As he noted originally, the DNS response needs to be spoofed in order for the cache to be poisoned. I think you could make arguments for both the way the question is worded. The important thing is to understand what's actually involved in the process and not get hung up on a practice exam question. As long as you can do that, you'll be fine.
  • DevilsbaneDevilsbane Member Posts: 4,214 ■■■■■■■■□□
    I would say that it is B. Since the one dns server is changing the second's cache when it shouldn't be allowed to.

    Spoofing and poisoning can be the same thing. I might use DNS spoofing in order to poison the other server's cache.
    Decide what to be and go be it.
Sign In or Register to comment.