How does the DNS Guard feature help prevent UDP sesion hijacking and DoS attacks?
A.
It prevents any DNS name resolution requests to DNS servers behind the PIX Firewall.
B.
It prevents all DNS responses from passing through the PIX Firewall.
C.
Only the first reply from any given DNS server is allowed through the PIX Firewall. The PIX
discards all other replies from the same server.
D.
If multiple DNS servers are queried, only the first answer from the first server to reply is allowed
through the PIX Firewall. The PIX does not wait for the default UDP timer to close the sessions but
tears down connections to all DNS servers after receiving the first reply.