Which display filter identifies DNS A record responses?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions; each question includes hints and explanations. Ace your exam!

Multiple Choice

Which display filter identifies DNS A record responses?

Explanation:
To identify DNS A record responses, look for packets that are DNS responses and whose original query was for an A record. In Wireshark display filters, dns.flags.response == 1 flags a packet as a DNS response, and dns.qry.type == 1 indicates the query type was A (type 1). By combining them with a logical AND, you select responses to A queries, i.e., DNS A record responses. The other options either pick all responses regardless of query type, or select A-type queries regardless of whether they are responses, or target a different record type (CNAME).

