The SecOps Group Exam CNSP Topic 6 Question 5 Discussion

Actual exam question for The SecOps Group's CNSP exam

Question #: 5
Topic #: 6

[All CNSP Questions]

What ports can be queried to perform a DNS zone transfer?

A53/TCP

B53/UDP

CBoth 1 and 2

DNone of the above

Show Suggested Answer

Suggested Answer: A

A DNS zone transfer involves replicating the DNS zone data (e.g., all records for a domain) from a primary to a secondary DNS server, requiring a reliable transport mechanism.

Why A is correct: DNS zone transfers use TCP port 53 because TCP ensures reliable, ordered delivery of data, which is critical for transferring large zone files. CNSP notes that TCP is the standard protocol for zone transfers (e.g., AXFR requests), as specified in RFC 5936.

Why other options are incorrect:

B . 53/UDP: UDP port 53 is used for standard DNS queries and responses due to its speed and lower overhead, but it is not suitable for zone transfers, which require reliability over speed.

C . Both 1 and 2: This is incorrect because zone transfers are exclusively TCP-based, not UDP-based.

D . None of the above: Incorrect, as 53/TCP is the correct port for DNS zone transfers.

by Raul at Mar 23, 2025, 03:27 PM

Limited Time Offer

25%

Off

Get Premium CNSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Alpha

2 months ago

Because both TCP and UDP ports can be queried for DNS zone transfer.

upvoted 0 times

...

Melissa

2 months ago

C is the correct answer, but I'm also partial to D. 'None of the above' is always a valid choice, especially on trick questions like this.

upvoted 0 times

Marti

15 days ago

Always good to consider all options.

upvoted 0 times

...

Daniel

16 days ago

True, 'None of the above' can be a safe bet.

upvoted 0 times

...

Josephine

20 days ago

I agree, but D is also a valid choice.

upvoted 0 times

...

Rolland

22 days ago

I think C is the correct answer.

upvoted 0 times

...

Myra

25 days ago

Always good to consider all options.

upvoted 0 times

...

Dustin

1 months ago

True, 'None of the above' can be a safe bet.

upvoted 0 times

...

Yuki

2 months ago

I agree, but D is also a valid choice.

upvoted 0 times

...

Joseph

2 months ago

I think C is the correct answer.

upvoted 0 times

...

Kristofer

3 months ago

Why do you think it's C)?

upvoted 0 times

...

Alpha

3 months ago

I disagree, I believe the answer is C) Both 1 and 2.

upvoted 0 times

...

Eura

3 months ago

Haha, the exam writer must have a twisted sense of humor to include such a silly option. C is the way to go, no doubt about it.

upvoted 0 times

Jose

2 months ago

C) Both 1 and 2

upvoted 0 times

...

Hildred

2 months ago

B) 53/UDP

upvoted 0 times

...

Denae

2 months ago

A) 53/TCP

upvoted 0 times

...

Kristofer

3 months ago

I think the answer is A) 53/TCP.

upvoted 0 times

...

Edelmira

3 months ago

D? Really? That can't be right. Why would there be an option for 'None of the above' on a DNS question?

upvoted 0 times

...

Pamela

3 months ago

Hmm, I thought zone transfers only used TCP. Guess I need to brush up on my DNS knowledge.

upvoted 0 times

Tuyet

2 months ago

User 3: I guess we both need to review our DNS knowledge.

upvoted 0 times

...

Cecily

2 months ago

User 2: Yeah, me too. But apparently it can also use UDP.

upvoted 0 times

...

Ivette

2 months ago

User 1: I always thought DNS zone transfers only used TCP.

upvoted 0 times

...

Cherelle

3 months ago

Obviously, it's C. Both TCP and UDP port 53 are used for DNS queries, including zone transfers.

upvoted 0 times

Christiane

2 months ago

So, the correct answer is C. Both 53/TCP and 53/UDP can be used for DNS zone transfers.

upvoted 0 times

...

Adolph

3 months ago

Yes, you're right. Port 53 can be queried for DNS zone transfers.

upvoted 0 times

...

Tran

3 months ago

I think it's C. Both TCP and UDP port 53 are used for DNS queries.

upvoted 0 times

...