Certified Information Systems Security Professional – CISSP – Question104

From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system?

A.
Disable all recursive queries on the name servers
B. Limit zone transfers to authorized devices
C. Configure secondary servers to use the primary server as a zone forwarder
D. Block all Transmission Control Protocol (TCP) connections

Correct Answer: B