312-85 question 9 discussion

Question 9

Enrage Tech Company hired Enrique, a security analyst, to perform threat intelligence analysis.
While performing the data collection process, he used a counterintelligence mechanism in which a
recursive DNS server is employed to perform inter-server DNS communication. When a request is
generated from any name server to the recursive DNS server, the recursive DNS server logs the
responses that are received. It then replicates the logged data and stores it in the central
database. Using these logs, he analyzed the malicious attempts that took place over the DNS
infrastructure.
Which of the following cyber counterintelligence (CCI) gathering techniques has Enrique used for data
collection?

  • A. Data collection through passive DNS monitoring
  • B. Data collection through DNS interrogation
  • C. Data collection through DNS zone transfer
  • D. Data collection through dynamic DNS (DDNS)
Answer:

B

Discussions
darave
4 months, 3 weeks ago

Correct answer is A

Passive DNS monitoring is a counterintelligence mechanism where a recursive DNS server is employed to perform inter-server DNS communication. When a request is generated from any name server to the recursive DNS server, the recursive DNS server logs the responses that are received. Then it replicates the logged data and stores the data in the central database.

Module 4 p426