When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security policy with DNS sinhole enabled, generating a traffic log.
What will be the destination IP Address in that log entry?
If the sinkhole is enabled, the destination IP should be the one specified in the configuration. So, C is the answer. Although, I'd love to know who came up with the term 'sinkhole' - must have been a security professional with a twisted sense of humor.
I agree with Veronika. The traffic matches a security policy with DNS sinkhole enabled, so it makes sense that the destination IP Address would be the sinkhole IP Address.
Hmm, I'm torn between A and C. But I'll go with C since it seems like the most logical choice. Although, with security, you never know what kind of crazy stuff they might pull...
Bettina
4 months agoLawanda
4 months agoMerlyn
4 months agoJeanice
4 months agoKaitlyn
5 months agoDana
4 months agoShelba
4 months agoAshlyn
4 months agoVeronika
5 months agoGenevive
5 months agoLatia
3 months agoRickie
4 months agoHortencia
4 months agoLong
4 months agoLashanda
4 months agoNoelia
4 months ago