Certified Ethical Hacker (CEH) — Question 117

Which of the following statements about a zone transfer is correct? (Choose three.)

Answer options

• A. A zone transfer is accomplished with the DNS
• B. A zone transfer is accomplished with the nslookup service
• C. A zone transfer passes all zone information that a DNS server maintains
• D. A zone transfer passes all zone information that a nslookup server maintains
• E. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
• F. Zone transfers cannot occur on the Internet

Correct answer: A, C, E

Explanation

The correct answers are A, C, and E. A zone transfer is indeed accomplished with the DNS, transferring all zone information maintained by a DNS server. Blocking inbound TCP port 53 can prevent zone transfers, while options B, D, and F are incorrect, as nslookup does not perform zone transfers and zone transfers can occur on the Internet under certain conditions.