Exam PT0-003 Topic 2 Question 115 Discussion
Actual exam question for CompTIA's PT0-003 exam
Question #: 115
Topic #: 2
Question #: 115
Topic #: 2
A client recently hired a penetration testing firm to conduct an assessment of their consumer-facing web application. Several days into the assessment, the client's networking team observes a substantial increase in DNS traffic. Which of the following would most likely explain the increase in DNS traffic?
Suggested Answer: A Vote an answer
An increase in DNS traffic during a penetration test suggests data exfiltration using DNS tunneling, a method where attackers encode data into DNS queries to avoid detection.
* Option A (Covert data exfiltration) #: Correct. DNS tunneling (e.g., dnscat2, Iodine) is a stealthy method to bypass firewalls and extract sensitive data.
* Option B (URL spidering) #: Would cause increased web traffic, not DNS requests.
* Option C (HTML scraping) #: Involves parsing web pages, not DNS traffic.
* Option D (DoS attack) #: DoS floods bandwidth or servers, but does not increase DNS queries significantly.
# Reference: CompTIA PenTest+ PT0-003 Official Guide - DNS Tunneling & Data Exfiltration
* Option A (Covert data exfiltration) #: Correct. DNS tunneling (e.g., dnscat2, Iodine) is a stealthy method to bypass firewalls and extract sensitive data.
* Option B (URL spidering) #: Would cause increased web traffic, not DNS requests.
* Option C (HTML scraping) #: Involves parsing web pages, not DNS traffic.
* Option D (DoS attack) #: DoS floods bandwidth or servers, but does not increase DNS queries significantly.
# Reference: CompTIA PenTest+ PT0-003 Official Guide - DNS Tunneling & Data Exfiltration
by Leo at Mar 28, 2025, 11:53 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).