

What type of attack could a secondary DNS server still be vulnerable to if only server ACLs are used for zone transfer security?

  1. DNS poisoning

  2. IP spoofing

  3. Phishing

  4. Malware injection

The correct answer is: IP spoofing

The correct answer, IP spoofing, addresses the weakness of a secondary DNS server that relies solely on Access Control Lists (ACLs) to secure zone transfers. An ACL permits only certain IP addresses or ranges to request a zone transfer from the primary DNS server, so the source IP address is the only thing being checked. If an attacker can spoof a source address that matches an allowed entry, the server may be tricked into granting access to sensitive zone information.

In the DNS context, IP spoofing means sending packets from a source address that appears to be trusted, which bypasses any restriction the ACL imposes. This is a significant risk because a server that cannot verify the origin of a request beyond the IP address it carries may unknowingly hand zone transfer data to an unauthorized party.

The other options do not fit. DNS poisoning involves manipulating DNS records so that legitimate requests are rerouted to malicious sites or servers, and it is typically mitigated through measures such as DNSSEC. Phishing is a social engineering tactic rather than a DNS security issue. Malware injection concerns the integrity of data on the server rather than zone transfers. Each presents its own security challenge, but none is directly tied to the weaknesses of ACL-based