Using DNS DIG with AXFR/IXFR, what is the attacker attempting to do?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

Using DNS DIG with AXFR/IXFR, what is the attacker attempting to do?

Explanation:
This question tests DNS reconnaissance through zone transfers. AXFR is a full zone transfer, and IXFR is incremental. When an attacker uses a DNS tool with these options, they are probing to see if the DNS server will reveal the entire zone data to them. If allowed, the attacker gains a complete map of the domain’s DNS records—hostnames, IP addresses, mail servers, name servers, and other resource records—which can be used for further attacks or network discovery. That’s the essence of performing a zone transfer. Options about crashing the server, poisoning DNS, or enumerating domain users don’t align with what AXFR/IXFR attempts do; those activities target other weaknesses or goals, not the acquisition of the full DNS zone data.

This question tests DNS reconnaissance through zone transfers. AXFR is a full zone transfer, and IXFR is incremental. When an attacker uses a DNS tool with these options, they are probing to see if the DNS server will reveal the entire zone data to them. If allowed, the attacker gains a complete map of the domain’s DNS records—hostnames, IP addresses, mail servers, name servers, and other resource records—which can be used for further attacks or network discovery. That’s the essence of performing a zone transfer.

Options about crashing the server, poisoning DNS, or enumerating domain users don’t align with what AXFR/IXFR attempts do; those activities target other weaknesses or goals, not the acquisition of the full DNS zone data.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy