If zone transfers are not restricted, which risk increases?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

If zone transfers are not restricted, which risk increases?

Explanation:
Unrestricted zone transfers expose the entire DNS zone to anyone who can request it. A DNS zone contains all records for a domain—A/AAAA, NS, MX, CNAME, SRV, and often subdomain names and internal host information. When transfers aren’t limited to trusted secondary servers, an attacker can fetch the complete zone data and map the domain’s infrastructure, revealing subdomains, mail servers, and other services. This makes reconnaissance, targeted attacks, and credential harvesting much easier. While other issues like denial of service, data corruption, or spoofing could arise in certain scenarios, the primary and most direct risk from open transfers is data leakage of zone records. To mitigate, restrict transfers to authorized IPs or use TSIG for authenticated transfers.

