CompTIA Security Exam Practice Questions Sample SY0 501 Q238

A company wants to host a publicly available server that performs the following functions:

– Evaluates MX record lookup
– Can perform authenticated requests for A and AAA records Uses RRSIG

Which of the following should the company use to fulfill the above requirements?

A. DNSSEC
B. SFTP
C. nslookup
D. dig

Correct Answer: A

Explanation:
DNS Security Extensions (DNSSEC) provides, among other things, cryptographic authenticity of responses using Resource Record Signatures (RRSIG) and authenticated denial of existence using Next-Secure (NSEC) and Hashed-NSEC records (NSEC3).