NTA Challenge 2 - Packet Dissection

Accuracy: 100%

Prompt

Cyber Command: Dissect a DNS packet to understand how the protocol works. The hex dump contains raw DNS application data without any encapsulation.

Answers

Q1 (15 pts) - What is the Transaction ID of this DNS response (in hex)?
f7b1

Q2 (20 pts) - How many answer resource records are in this DNS packet?
5

Q3 (25 pts) - What is the queried domain from this DNS request?
stackoverflow

Q4 (25 pts) - What is the queried record type in the DNS query?
MX

Q5 (25 pts) - What is the value of the response record with the highest priority?
aspmx.l.google.com

Steps I Took

Used the included DNS packet structure diagram to map each field in the hex dump.

For Q3, converted the hex sequence 0d 73 74 61 63 6b 6f 76 65 72 66 6c 6f 77 03 63 6f 6d 00 to ASCII to get stackoverflow.com.