Certified Ethical Hacker (CEH v12) — Question 248
Henry is a penetration tester who works for XYZ organization. While performing enumeration on a client organization, he queries the DNS server for a specific cached DNS record. Further, by using this cached record, he determines the sites recently visited by the organization's user.
What is the enumeration technique used by Henry on the organization?
Answer options
- A. DNS zone walking
- B. DNS cache snooping
- C. DNS cache poisoning
- D. DNSSEC zone walking
Correct answer: B
Explanation
The correct answer is B, DNS cache snooping, which refers to the technique of checking the DNS cache to find out what records are cached and potentially infer recent user activity. The other options, such as DNS zone walking (A) and DNS cache poisoning (C), involve different methods of interacting with DNS but do not specifically relate to querying cached records for user activity. DNSSEC zone walking (D) pertains to security extensions of DNS and not to enumeration of recently visited sites.