Multiple choice technology security

Which of the following is the principal weakness of DNS (Domain Name System)?

  1. Lack of authentication of servers, and thereby authenticity of records

  2. Its latency, which enables insertion of records between the time when a record has expired and when it is refreshed

  3. The fact that it is a simple, distributed, hierarchical database instead of a singular, relational one, thereby giving rise to the possibility of inconsistencies going undetected for a certain amount of time

  4. The fact that addresses in e-mail can be spoofed without checking their validity in DNS, caused by the fact that DNS addresses are not digitally signed

Reveal answer Fill a bubble to check yourself
A Correct answer
Explanation

DNS was originally designed without authentication mechanisms, making it vulnerable to cache poisoning and spoofing attacks where malicious actors can inject false DNS records. DNSSEC was later developed to address this weakness by adding digital signatures to verify record authenticity. Options B and C describe characteristics that are not security weaknesses, while D confuses email spoofing with DNS vulnerabilities.