Certified Ethical Hacker (CEH v11) — Question 25
DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?
Answer options
- A. nslookup -fullrecursive update.antivirus.com
- B. dnsnooping -rt update.antivirus.com
- C. nslookup -norecursive update.antivirus.com
- D. dns --snoop update.antivirus.com
Correct answer: C
Explanation
The correct answer is C, as the 'nslookup -norecursive' command checks the DNS cache for a specific entry without querying other DNS servers. Option A performs a full recursive lookup, which is not suitable for checking cache entries. Option B is not a valid command for this purpose, and option D does not exist as a standard command for checking DNS cache.