Question 1 of 6
What is the critical security property of the host file that makes it a viable DNS poisoning attack vector?
Question 2 of 6
Which DNS poisoning technique requires the attacker to intercept traffic in real-time and is specifically classified as an on-path attack?
Question 3 of 6
On October 22, 2016, attackers changed domain registrations for 36 domains belonging to a Brazilian bank, redirecting all customer traffic for six hours without compromising any bank server. What type of attack does this represent, and what single control would have been most effective in preventing it?
Question 4 of 6
An attacker registers "bankofwesternusa.net" β a domain that differs from the legitimate "bankofwesternusa.com" only in the top-level domain. They deploy a pixel-perfect replica of the bank's login page. Customers who type ".net" instead of ".com" land on the fake page and submit their credentials. What attack technique is this?
Question 5 of 6
DNSSEC is implemented across an organization's DNS infrastructure. Which of the following DNS attack vectors does DNSSEC directly mitigate, and which does it NOT address?
Question 6 of 6
A security analyst reports that a domain "officialcompany.org" has been registered by an unknown party and is displaying advertisements for products unrelated to the company. The company's actual domain is "officialcompany.com". Which URL hijacking motivation BEST describes this scenario?
Matching β DNS Attack Concepts
Match each term on the left to its correct description on the right.
1. DNS Poisoning
2. Domain Hijacking
3. Typosquatting
4. Host File