Certified Ethical Hacker (CEH v11) — Question 85

What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?

Answer options

• A. The attacker queries a nameserver using the DNS resolver.
• B. The attacker uses TCP to poison the DNS resolver.
• C. The attacker makes a request to the DNS resolver.
• D. The attacker forges a reply from the DNS resolver.

Correct answer: A

Explanation

The correct answer is A because the first step in a DNS cache poisoning attack involves querying a nameserver to gather information. Options B, C, and D describe actions that occur later in the attack process or are not specifically the initial step.