Certified Ethical Hacker (CEH v12) — Question 125

As a Certified Ethical Hacker, you are conducting a footprinting and reconnaissance operation against a target organization. You discover a range of IP addresses associated with the target using the SecurityTrails tool. Now, you need to perform a reverse DNS lookup on these IP addresses to find the associated domain names, as well as determine the nameservers and mail exchange (MX) records. Which of the following DNSRecon commands would be most effective for this purpose?

Answer options

• A. dnsrecon -r 192.168.1.0/24 -n nsl.example.com -t axfr
• B. dnsrecon -r 10.0.0.0/24 -n nsl.example.com -t zonewalk
• C. dnsrecon -r 162.241.216.0/24 -n nsl.example.com -t std
• D. dnsrecon -r 162.241.216.0/24 -d example.com -t brt

Correct answer: C

Explanation

The correct answer is C because the command uses the '-t std' option, which performs standard DNS enumeration, allowing you to obtain domain names, nameservers, and MX records effectively. Options A and B are incorrect as they utilize the wrong types of queries (axfr and zonewalk) that are not suited for standard DNS lookups. Option D is not correct because it specifies a domain with '-d' instead of using the IP range to achieve the desired results.