A network engineer noticed in the NetFlow report that internal hosts are sending many DNS requests to external DNS servers A SOC analyst checked the endpoints and discovered that they are infected and became part of the botnet Endpoints are sending multiple DNS requests but with spoofed IP addresses of valid external sources What kind of attack are infected endpoints involved in1?
Lea
8 months agoValda
8 months agoKathryn
8 months agoRashida
8 months agoGlory
8 months agoThomasena
8 months ago