Your IDS application paged you at 3:00 a.m. and informed you that an attack occurred against
your DNS server. You drive to the server site to investigate. You find no evidence of an attack,
although the IDS application claims that a remote DNS server waged an attack on port 53 of your
intranet DNS server. You check the logs and discover that a zone transfer has occurred. You
check your zones and name resolution, and discover that all entries exist, and no unusual entries
have been added to the database. What has most likely occurred?
A.
A malfunction of the internal name server
B.
A denial-of-service attack against your internal DNS server
C.
A false positive generated by the IDS
D.
A DNS poisoning attack against your internal DNS server