In a DNS response, where would you look to detect a large number of A records for a single query?

Multiple Choice

In a DNS response, where would you look to detect a large number of A records for a single query?

Explanation:
When you query for an A record, the DNS response is organized so the actual results that answer the query sit in the Answer section. If there are many IPs associated with the name, you’ll see a large set of A records there, directly answering the request.

The other sections serve different purposes: the Question section just echoes what you asked, the Authority section indicates which server or zone is authoritative for the domain, and the Additional section provides extra data that can help with resolution (like glue records or related A/AAAA records for names mentioned in other records). They aren’t the primary place where the direct A-record answers for that query are kept.
