New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

The SecOps Group CNSP Exam - Topic 9 Question 13 Discussion

Actual exam question for The SecOps Group's CNSP exam
Question #: 13
Topic #: 9
[All CNSP Questions]

You are performing a security audit on a company's infrastructure and have discovered that the domain name system (DNS) server is vulnerable to a DNS cache poisoning attack. What is the primary security risk?

Show Suggested Answer Hide Answer
Suggested Answer: A

DNS cache poisoning, also known as DNS spoofing, involves an attacker injecting false DNS records into a resolver's cache, altering how domain names resolve.

Why A is correct: The primary risk is that an attacker can redirect users to malicious websites (e.g., phishing or malware sites) by poisoning the DNS cache with fake IP addresses. This can lead to credential theft, data exfiltration, or malware distribution. CNSP identifies this as the core threat of DNS cache poisoning, aligning with real-world attack vectors.

Why other option is incorrect:

B . Manipulate the cache of the web server or proxy server: This describes web cache poisoning, a different attack targeting HTTP caches, not DNS servers. DNS cache poisoning affects DNS resolution, not web or proxy server caches directly.


by Darci at Aug 14, 2025, 04:04 AM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Gussie
2 months ago
A is spot on, stealing info is a major concern!
upvoted 0 times
...
Pura
2 months ago
B makes more sense to me, it’s about content manipulation.
upvoted 0 times
...
Robt
3 months ago
Really? I’m surprised this is still a problem in 2023.
upvoted 0 times
...
Na
3 months ago
I thought DNS cache poisoning was just about redirecting traffic, not content.
upvoted 0 times
...
Mickie
3 months ago
Definitely A, that’s a huge risk!
upvoted 0 times
...
Mary
3 months ago
I’m leaning towards option A, but I wonder if option B could also have significant implications for user trust and data integrity.
upvoted 0 times
...
Lashon
4 months ago
I practiced a similar question where the focus was on data theft from redirected traffic. I think that's a major risk here too.
upvoted 0 times
...
Domingo
4 months ago
I’m not entirely sure, but I feel like manipulating the cache could also lead to serious issues, like serving incorrect content.
upvoted 0 times
...
Leatha
4 months ago
I remember studying DNS vulnerabilities, and I think redirecting traffic to a malicious site is a big concern.
upvoted 0 times
...
Lilli
4 months ago
Okay, let me break this down. If the DNS server is vulnerable, that means an attacker could potentially inject false DNS records into the cache. This would allow them to redirect traffic to a site they control and steal data. I think that's the key risk here.
upvoted 0 times
...
Melissia
4 months ago
I'm pretty confident that the correct answer is that the attacker could redirect traffic to a malicious site and steal sensitive info. DNS cache poisoning is all about hijacking the DNS resolution process to point users to the wrong IP address.
upvoted 0 times
...
Yolande
4 months ago
Hmm, I'm a bit confused on this one. Is the risk that the attacker could manipulate the cache of the web server or proxy server? Or is it the risk of redirecting to a malicious site? I'll have to think this through carefully.
upvoted 0 times
...
Winifred
5 months ago
This seems like a pretty straightforward question. The primary risk of a DNS cache poisoning attack is that an attacker could redirect traffic to a malicious website and steal sensitive information.
upvoted 0 times
...
Therese
6 months ago
I think the primary risk is that an attacker could redirect traffic to a malicious website and steal sensitive information.
upvoted 0 times
...
Dacia
6 months ago
Option A is the correct answer. DNS cache poisoning allows attackers to redirect traffic to their own malicious site, which can lead to data theft and other security breaches.
upvoted 0 times
Gail
5 months ago
Option A is the correct answer. DNS cache poisoning allows attackers to redirect traffic to their own malicious site, which can lead to data theft and other security breaches.
upvoted 0 times
...
...

Save Cancel