New RBI Grade B 2025 Notification will come Soon! Enroll Here

    Question

    Which attack can be mitigated using DNSSEC (Domain Name

    System Security Extensions)?
    A Distributed Denial of Service (DDoS) attacks Correct Answer Incorrect Answer
    B Man-in-the-Middle (MITM) attacks Correct Answer Incorrect Answer
    C DNS Spoofing (Cache Poisoning) Correct Answer Incorrect Answer
    D SQL Injection attacks Correct Answer Incorrect Answer
    E Phishing attacks Correct Answer Incorrect Answer

    Solution

    DNSSEC is specifically designed to prevent DNS spoofing, also known as cache poisoning, where an attacker injects malicious data into a DNS resolver’s cache, redirecting users to fraudulent websites. DNSSEC works by using digital signatures and public-key cryptography to verify the authenticity of DNS responses. This ensures that users always receive accurate and untampered domain-to-IP mappings. For instance, if a user attempts to access "example.com," DNSSEC validates the response from the authoritative DNS server, blocking any malicious attempts to redirect the user to a phishing site. Why Other Options Are Incorrect:

    • A) DNSSEC does not prevent DDoS attacks, which require traffic mitigation strategies like rate limiting or load balancing.
    • B) While DNSSEC ensures DNS response integrity, it does not provide end-to-end encryption to thwart MITM attacks entirely.
    • D) SQL Injection is a database vulnerability unrelated to DNS, requiring secure query practices to mitigate.
    • E) Phishing attacks exploit human behavior rather than technical vulnerabilities like DNS spoofing.

    Practice Next