Certified Ethical Hacker (CEH) — Question 14

Which DNS resource record can indicate how long any "DNS poisoning" could last?

Answer options

• A. MX
• B. SOA
• C. NS
• D. TIMEOUT

Correct answer: B

Explanation

The SOA (Start of Authority) record contains a field that defines the negative caching time, indicating how long DNS records can be cached and thus how long a DNS poisoning attack could be effective. The MX (Mail Exchange), NS (Name Server), and TIMEOUT options do not provide information on the duration of DNS poisoning.