Certified Ethical Hacker (CEH v11) — Question 84

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls.
On which of the following ports should Robin run the NSTX tool?

Answer options

• A. Port 50
• B. Port 23
• C. Port 53
• D. Port 80

Correct answer: C

Explanation

The correct answer is C, Port 53, as DNS queries typically operate over this port, making it ideal for DNS tunneling. Ports 50 and 23 are not associated with DNS services, and while Port 80 is commonly used for HTTP traffic, it is not relevant for DNS tunneling specifically.