In RFC 4034, DNSSEC introduced which four new resource record types? (Choose four.)
Click on the arrows to vote for the correct answerA. B. C. D. E. F.
DNSSEC (Domain Name System Security Extensions) is a security protocol that is used to ensure the integrity and authenticity of DNS data. It is used to prevent DNS attacks such as DNS cache poisoning, man-in-the-middle attacks, and other types of attacks that can compromise DNS data.
RFC 4034 is the specification for DNSSEC, which introduced four new resource record types to the DNS system. These resource record types are:
A. DNS Public Key (DNSKEY): This resource record type is used to store public keys that are used to verify DNS digital signatures. The DNSKEY record is signed with a Zone Signing Key (ZSK) or a Key Signing Key (KSK).
B. Next Secure (NSEC): This resource record type is used to provide authenticated denial of existence for DNS data. It is used to prove that a DNS name does not exist in a zone.
C. Resource Record Signature (RRSIG): This resource record type is used to provide digital signatures for DNS data. The RRSIG record is used to verify the authenticity of DNS data.
D. Delegation Signer (DS): This resource record type is used to delegate authority over a DNS zone to a trusted third party. It is used to link a child zone to its parent zone.
E. Top Level Domain (TLD): TLDs are not a new resource record type introduced by RFC 4034. However, they are an essential component of DNSSEC. TLDs are the highest level in the DNS hierarchy, and they are responsible for signing the root zone.
F. Zone Signing Key (ZSK): This resource record type is used to sign DNS data in a zone. It is used to provide digital signatures for DNS data and is signed with a Key Signing Key (KSK).