ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 18 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 18
Topic #: 1
[All 312-50v11 Questions]

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?

  • A. nslookup -fullrecursive update.antivirus.com
  • B. dnsnooping -rt update.antivirus.com
  • C. nslookup -norecursive update.antivirus.com
  • D. dns --snoop update.antivirus.com
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by sam422 at March 27, 2021, 12:49 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
sam422
Highly Voted 3 years, 9 months ago
Answer is C, nslookup command for DNS query
upvoted 6 times
...
Daniel8660
Highly Voted 2 years, 2 months ago
Selected Answer: C
DNS Cache Snooping: Non-Recursive Queries are Enabled # nslookup -norecursive -type=A www.rapid7.com https://resources.infosecinstitute.com/topic/dns-cache-snooping/
upvoted 5 times
...
huyan
Most Recent 11 months, 3 weeks ago
norecursive means DNS Resolver already knows the answer, it either immediately returns a DNS record because it already stores it in local cache. In the opposite, recursive means the DNS Server will communicate with several other DNS servers to hunt down the query.
upvoted 1 times
...
DataTraveler
1 year, 3 months ago
Selected Answer: C
Non-recursive Method In this method, to snoop on a DNS server, attackers send a non-recursive query by setting the Recursion Desired (RD) bit in the query header to zero. Attackers query the DNS cache for a specific DNS record such as A, CNAME, PTR, CERT, SRV, and MX. If the queried record is present in the DNS cache, the DNS server responds with the information indicating that ***some user on the system*** has visited a specific domain. Otherwise, the DNS server responds with the information about another DNS server that can return an answer to the query, or it replies with the root.hints file containing information about all root DNS servers. p. 464/448
upvoted 1 times
...
ostorgaf
1 year, 4 months ago
Selected Answer: C
The "-norecursive" option is used to instruct nslookup not to use recursive queries when querying DNS servers, which can help in determining if the specified resource address is present in the DNS cache records without initiating further recursive queries.
upvoted 1 times
...
learntstuff
1 year, 10 months ago
C is correct non-recursive quires the DNS cache only recursive quires several DNS servers
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel