Which attack redirects users to a fraudulent site by corrupting DNS resolution?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which attack redirects users to a fraudulent site by corrupting DNS resolution?

Explanation:
Redirecting users to a fraudulent site by corrupting DNS resolution happens when an attacker alters DNS data so that a legitimate domain resolves to an attacker-controlled IP address. This can occur through DNS cache poisoning, compromising a DNS server, or changing a local hosts file or router settings. As a result, even if the user types the correct URL or uses a bookmark, the resolver returns the attacker’s address and the browser lands on a fake site that imitates the real one, potentially harvesting credentials or other sensitive data. Phishing relies on tricks to get the user to visit a malicious site or reveal information, usually via deceptive emails or messages, and does not necessarily involve tampering with DNS. Injection involves inserting malicious code into software or queries. Dumpster diving is the physical theft of information from discarded materials. The described method is pharming.

Redirecting users to a fraudulent site by corrupting DNS resolution happens when an attacker alters DNS data so that a legitimate domain resolves to an attacker-controlled IP address. This can occur through DNS cache poisoning, compromising a DNS server, or changing a local hosts file or router settings. As a result, even if the user types the correct URL or uses a bookmark, the resolver returns the attacker’s address and the browser lands on a fake site that imitates the real one, potentially harvesting credentials or other sensitive data.

Phishing relies on tricks to get the user to visit a malicious site or reveal information, usually via deceptive emails or messages, and does not necessarily involve tampering with DNS. Injection involves inserting malicious code into software or queries. Dumpster diving is the physical theft of information from discarded materials. The described method is pharming.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy