The correct answer is B. Implementing a Split DNS Architecture.

The issue is that the same DNS infrastructure is being used for both internal and external name resolution, causing internal namespace details to be exposed externally. Split DNS separates internal and external DNS views so that external users receive only public records, while internal clients can resolve private hostnames and internal service records.

CEH-aligned reconnaissance material explains that footprinting and DNS-related information gathering can reveal domain names, namespaces, IP addresses, and network details useful for planning attacks . It also describes DNS and WHOIS queries as methods used during footprinting to collect topology and infrastructure information about a target network . Split DNS directly reduces this exposure by preventing public DNS queries from returning internal naming data.

Option A is incorrect because source port and query ID randomization helps reduce DNS spoofing/cache-poisoning risk, not namespace disclosure.

Option C is incorrect because rate limiting controls query volume, while the problem is sensitive information exposure.

Option D is useful for detection and investigation, but it does not prevent external clients from receiving internal DNS details.

Therefore, the best answer is B. Implementing a Split DNS Architecture.