Certified Ethical Hacker (CEH v12) — Question 121

John, a professional hacker, decided to use DNS to perform data exfiltration on a target network. In this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique, John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server.
What is the technique employed by John to bypass the firewall?

Answer options

• A. DNSSEC zone walking
• B. DNS cache snooping
• C. DNS enumeration
• D. DNS tunneling method

Correct answer: D

Explanation

The correct answer is DNS tunneling method, which allows data to be transmitted over DNS queries and responses, effectively bypassing firewalls. The other options do not facilitate data exfiltration in the same way; DNSSEC zone walking involves retrieving information from DNSSEC-protected zones, DNS cache snooping is about querying cached DNS records, and DNS enumeration is related to discovering DNS records, not bypassing firewalls.