Chapter 46 Β· Quiz

DNS Attacks Quiz

6 multiple-choice questions and a matching section. Submit to reveal answers and explanations.

Question 1 of 6
What is the critical security property of the host file that makes it a viable DNS poisoning attack vector?
Question 2 of 6
Which DNS poisoning technique requires the attacker to intercept traffic in real-time and is specifically classified as an on-path attack?
Question 3 of 6
On October 22, 2016, attackers changed domain registrations for 36 domains belonging to a Brazilian bank, redirecting all customer traffic for six hours without compromising any bank server. What type of attack does this represent, and what single control would have been most effective in preventing it?
Question 4 of 6
An attacker registers "bankofwesternusa.net" β€” a domain that differs from the legitimate "bankofwesternusa.com" only in the top-level domain. They deploy a pixel-perfect replica of the bank's login page. Customers who type ".net" instead of ".com" land on the fake page and submit their credentials. What attack technique is this?
Question 5 of 6
DNSSEC is implemented across an organization's DNS infrastructure. Which of the following DNS attack vectors does DNSSEC directly mitigate, and which does it NOT address?
Question 6 of 6
A security analyst reports that a domain "officialcompany.org" has been registered by an unknown party and is displaying advertisements for products unrelated to the company. The company's actual domain is "officialcompany.com". Which URL hijacking motivation BEST describes this scenario?
Matching β€” DNS Attack Concepts
Match each term on the left to its correct description on the right.
1. DNS Poisoning
2. Domain Hijacking
3. Typosquatting
4. Host File
A. A local system file that is consulted before DNS servers and whose entries take precedence over external DNS responses
B. Gaining access to a domain registrar account to change DNS records and redirect traffic without touching any actual server
C. Corrupting DNS data β€” whether on a server, in a local file, or via forged responses β€” to redirect users to malicious destinations
D. Registering misspelled or slightly altered domain names to capture traffic from users who make typing errors or TLD assumptions