Which DNS resource record indicates how long DNS poisoning could last?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which DNS resource record indicates how long DNS poisoning could last?

Explanation:
In DNS, how long cached or potentially poisoned data can linger is tied to zone authority timing, especially what the Start of Authority (SOA) record specifies. The SOA record includes several timing fields—refresh, retry, expire, and minimum TTL. The Expire value is the key here: it defines how long a secondary (slave) DNS server should treat zone data as valid if it cannot reach the primary (master) server to refresh it. If a cache has been poisoned, that poisoned information can persist until this expire period elapses, at which point the data is considered stale and will be discarded or overwritten once a refresh can occur.

The other record types mentioned (A for host-to-address mappings, MX for mail exchangers, PTR for reverse lookups) are just data records that carry specific mappings and their own TTLs. They don’t define a single, zone-wide duration for how long poisoning could last. TTLs on those records control how long each individual record is cached, but there isn’t a universal indicator of poisoning duration as strong as the SOA’s expire setting.
