Which action would most effectively prevent unauthorized zone transfers?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which action would most effectively prevent unauthorized zone transfers?

Explanation:
Zone transfers copy DNS zone data to secondary servers, so restricting who can receive that data is essential to prevent leakage. Configuring the DNS server to allow zone transfers only to authorized secondary servers enforces a whitelist at the server level, ensuring that only trusted, legitimate secondaries can request and receive zone data. This directly reduces the risk of an attacker obtaining the full zone information, while still allowing normal replication to trusted partners.

Other options either cripple legitimate DNS operations or do not implement proper access control. Disabling all DNS services stops DNS resolution entirely. Relying on a tool like nslookup to perform transfers does not provide any protection or access control. Blocking all outbound traffic from DNS servers is overly broad and would disrupt necessary communication and updates, and it doesn’t address who is allowed to receive zone data.
