Blocking inbound TCP port 53 connections serves to prevent unauthorized zone transfers.


Multiple Choice

Blocking inbound TCP port 53 connections serves to prevent unauthorized zone transfers.

Explanation:
Zone transfers replicate DNS zone data from a primary DNS server to its secondary servers, and they are carried over TCP port 53. Blocking inbound TCP connections to port 53 prevents remote hosts from requesting those transfers, which stops unauthorized disclosure of your zone data. Regular DNS queries, by contrast, primarily use UDP port 53, so normal resolution from clients can continue as long as UDP is allowed. If you need to allow legitimate transfers, restrict them to the source IPs of your secondary servers and ideally require authentication such as TSIG. This measure does not directly prevent cache poisoning or remote code execution; those are addressed by different controls and defenses.

