Question

After a DNS zone has been secured with DNSSEC, what additional data will be returned to a client as a result of a query?

A) Information about the organization administering the zone

B) Information about the server providing the DNS zone

C) Digital signatures of the administrators of the zone

D) Digital signatures for the returned records

Answer 1

The additional data returned to a client after a DNS query to a DNSSEC-secured zone includes digital signatures for the returned records. These signatures help to authenticate the data and ensure its integrity.

Step-by-step explanation:

After securing a DNS zone with DNSSEC (Domain Name System Security Extensions), the additional data returned to a client as a result of a query would be D) Digital signatures for the returned records. DNSSEC adds a layer of security to the DNS system by enabling the authentication of the origin of DNS data, ensuring its integrity, and negating the effects of certain types of attacks such as cache poisoning or spoofing

When you make a DNS query to a zone that is DNSSEC-protected, you will receive DNS records along with their corresponding digital signatures generated using a public key cryptography system. These signatures are then verified using the public key that is vouched for by the parent zone through a secure chain of trust, ensuring that the data has not been tampered with and is authentic.