GIAC Certified Incident Handler (GCIH) — Question 172

If an attacker is attempting to use the Kaminsky method of DNS cache poisoning, what is the maximum number of unique Query IDs which must be presented to the victim DNS server before a match is made?

Answer options

Correct answer: D

Explanation

The correct answer is D, as the Kaminsky method requires the attacker to send 1024 unique Query IDs to successfully exploit the DNS cache. The other options represent higher values that exceed the necessary number of Query IDs needed for this specific attack, making them incorrect.