CompTIA PenTest+ (PT0-003) — Question 120

During an engagement, a penetration tester runs the following command against the host system:

host -t axfr domain.com dnsl.domain.com

Which of the following techniques best describes what the tester is doing?

Answer options

• A. Zone transfer
• B. Host enumeration
• C. DNS poisoning
• D. DNS query

Correct answer: A

Explanation

The command 'host -t axfr' is specifically used to perform a zone transfer, which allows the tester to download the entire DNS zone file from the DNS server. The other options do not accurately describe the action; host enumeration refers to gathering information about hosts, DNS poisoning involves corrupting DNS data, and a DNS query is a general request for information, not specifically related to zone transfers.