Which three statements best describe how DNSSEC prevents DNS cache poisoning attacks from succeeding? (Choose three.)
A.
DNSSEC utilizes DS records to establish a trusted hierarchy of zones.
B.
DNSSEC signs all records with domain-specific keys.
C.
DNSSEC introduces KEY records that hold domain-specific public keys
D.
DNSSEC deprecates CNAME records and replaces them with DS records.