ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 524 discussion

Actual exam question from CompTIA's CAS-004
Question #: 524
Topic #: 1
[All CAS-004 Questions]

A DNS forward lookup zone named comptia.org must:

• Ensure the DNS is protected from on-path attacks.
• Ensure zone transfers use mutual authentication and are authenticated and negotiated.

Which of the following should the security architect configure to meet these requirements? (Choose two.)

  • A. Public keys
  • B. Conditional forwarders
  • C. Root hints
  • D. DNSSEC
  • E. CNAME records
  • F. SRV records
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by Bright07 at Sept. 30, 2024, 9:17 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Steel16
3 months, 4 weeks ago
Selected Answer: AD
o DNSSEC (Domain Name System Security Extensions): This helps protect against on-path attacks by ensuring the authenticity and integrity of DNS responses through digital signatures o Public keys: These are used in conjunction with DNSSEC to authenticate and verify the integrity of DNS data, and they can also be used to secure zone transfers through mechanisms like TSIG (Transaction Signature)
upvoted 1 times
...
grelaman
8 months, 4 weeks ago
Selected Answer: AD
D. DNSSEC mitigates threats such as DNS spoofing and cache poisoning by providing data integrity and origin authentication. This ensures that attackers cannot easily intercept or alter DNS responses, thereby protecting against on-path (man-in-the-middle) attacks. A. Public keys are integral to various authentication and encryption mechanisms. In the context of DNS, public keys are used in DNSSEC to verify digital signatures.
upvoted 1 times
...
Bright07
9 months, 1 week ago
A. Public keys D. DNSSEC DNSSEC (Domain Name System Security Extensions) provides protection against on-path attacks by ensuring the authenticity of DNS data, while public keys can be used for mutual authentication in zone transfers.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel