How would you verify that a DNS response matches a particular query ID?

Study for the Wireshark Block 5 Exam. Prepare with flashcards and multiple choice questions, each offering hints and explanations. Ace your exam with the best resources!

Multiple Choice

How would you verify that a DNS response matches a particular query ID?

Explanation:
DNS responses include a 16-bit transaction ID in the header. The response must carry the same ID as the query, so comparing the response’s id to the query’s id confirms this is the reply to your request. In addition, you should verify that the domain name in the response matches the queried name (the question section or the answer’s name field should reflect the same domain). This dual check—matching the transaction ID and the requested name—ensures the response corresponds to your specific query and contains the correct data. Other pieces like IP addresses, TTL values, or MAC addresses don’t reliably link a response to a particular query, so they’re not used for this verification.

