A cybersecurity analyst is working on an open investigation for a company. The s

Question

A cybersecurity analyst is working on an open investigation for a company. The security analyst reviewed several security logs upon arriva. The following is a snippet of code reviewed in the security logs: tlocalhost] /dnsrecon.db -t rvs -i 192.168.1.1, 192.168.1.20 [localhost] echovar/log/auth.log Which of the following BEST describes what the analyst has just observed in the logs? (Select TWo) the hostname for 192.1.1.0/24 DA B. Dc O D E. The user who was accessing the machine was attempting to enumerate t The user who was accessing The user who was accessing the machine was attempting to cover up any tracks The user who was accessing the machine was attempting to reverse lookup for the hostname The user who was accessing the machine was attempting to retrieve standard DNS records but failed the machine was attempting to perform a DNS poisoning attack

Explanation / Answer

Dns Reconnaissance is used to gather the information on the dns servers.

It can be used to perform

Zone walking :

Zone transfer: This helps to retrieve the topology of network infrastructure.

Google lookup

Reverse lookup : It is finding domain name from lookong the IP addresses.

Domain and host brute force : This helps brute force and find the domains of the servers even by using a name list.

Cache snooping: It can be occured only if dns is cached.This helps to retrieve more information on dns.

Standard record enumeration: This helps to know the some of protocols used and SRV records.

In the above question

Option D Is solution.

The user who was accessing machine is trying to reverse lookup the dns records.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.