Which protocol allows an attacker to exploit a vulnerability due to unresolved name queries?

The correct choice identifies LLMNR/NBT-NS Poisoning as the protocol that enables an attacker to exploit a vulnerability related to unresolved name queries. LLMNR (Link-Local Multicast Name Resolution) and NBT-NS (NetBIOS Name Service) are both protocols used in local networks to resolve hostnames to IP addresses.

When a hostname cannot be resolved via regular DNS queries, systems may use LLMNR or NBT-NS as a fallback mechanism. Attackers can take advantage of this situation by responding to these query packets with false information. This makes it possible for the attacker to redirect traffic or access sensitive information, as the target system believes it is communicating with a legitimate server.

Utilizing LLMNR or NBT-NS poisoning effectively allows an attacker to intercept, manipulate, or capture network traffic that would otherwise be sent to the correct server, thereby exploiting the vulnerability stemming from unresolved name queries.

This highlights how critical it is for network security to manage and monitor these protocols, as they can provide attack vectors that bypass traditional security controls. Moreover, while other options like DNS poisoning and ARP spoofing involve similar concepts of misleading network traffic, they operate under different mechanisms and contexts, specifically relating to DNS resolution or local