Which display filter shows only DNS A record queries and their responses?

Prepare for the Wireshark Traffic Analysis Exam. Study with flashcards and multiple choice questions, each question includes hints and explanations. Ace your exam!

Multiple Choice

Which display filter shows only DNS A record queries and their responses?

Explanation:
DNS uses numeric codes to identify the type of records in a query or response. An A record has code 1 and a CNAME has code 5. When tracing how a hostname resolves to an IPv4 address, you may encounter both an A query and CNAME-related steps in the same exchange. Filtering on both codes ensures you see the A-resolution path and any CNAME-related pieces that can appear as part of that process, giving you a complete view of the flow. Filtering only on the A code would miss the CNAME steps that can accompany or precede the final A result, while filtering only on the CNAME code would miss the actual A queries. The remaining option that includes both 1 and 5 best captures the relevant DNS exchanges for A-record resolution.

DNS uses numeric codes to identify the type of records in a query or response. An A record has code 1 and a CNAME has code 5. When tracing how a hostname resolves to an IPv4 address, you may encounter both an A query and CNAME-related steps in the same exchange. Filtering on both codes ensures you see the A-resolution path and any CNAME-related pieces that can appear as part of that process, giving you a complete view of the flow.

Filtering only on the A code would miss the CNAME steps that can accompany or precede the final A result, while filtering only on the CNAME code would miss the actual A queries. The remaining option that includes both 1 and 5 best captures the relevant DNS exchanges for A-record resolution.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy