Which statement best describes DNSSEC?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Which statement best describes DNSSEC?

Explanation:
DNSSEC ensures the origin and integrity of DNS data. It signs DNS records so that a resolver can verify the data actually came from the domain’s authoritative server and hasn’t been altered in transit, creating a chain of trust from the root down to each zone. This directly helps prevent DNS poisoning and spoofing by making tampering detectable. It does not encrypt DNS queries for privacy—that’s handled by other technologies like DNS over TLS or DNS over HTTPS. It also doesn’t replace DNS with a new secure protocol, and TTLs are independent of DNSSEC.

DNSSEC ensures the origin and integrity of DNS data. It signs DNS records so that a resolver can verify the data actually came from the domain’s authoritative server and hasn’t been altered in transit, creating a chain of trust from the root down to each zone. This directly helps prevent DNS poisoning and spoofing by making tampering detectable. It does not encrypt DNS queries for privacy—that’s handled by other technologies like DNS over TLS or DNS over HTTPS. It also doesn’t replace DNS with a new secure protocol, and TTLs are independent of DNSSEC.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy