Palo Alto Networks Exam PCNSC Topic 5 Question 66 Discussion

Actual exam question for Palo Alto Networks's PCNSC exam
Question #: 66
Topic #: 5

When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security policy with DNS sinkhole enabled, generating a traffic log.

What will be the destination IP Address in that log entry?


Contribute your Thoughts:

Clemencia
8 months ago
Hmm, that's a good point. I didn't consider that possibility. But wouldn't that mean the traffic would still be routed to an external server, rather than being completely sinkholed? I'm leaning more towards C, just to be safe.
upvoted 0 times
...
Raylene
8 months ago
I'm not so sure about that. What if the sinkhole is configured to use the IP address of one of the external DNS servers identified in the anti-spyware database? Wouldn't that be D then?
upvoted 0 times
Lawrence
7 months ago
Good point. In that case, it would be C.
upvoted 0 times
...
Cammy
7 months ago
But what if the sinkhole is specifically configured to use its own IP address?
upvoted 0 times
...
Luis
8 months ago
I think it would be D then.
upvoted 0 times
...
Nilsa
8 months ago
D) The IP Address of one of the external DNS servers identified in the anti-spyware database
upvoted 0 times
...
Lon
8 months ago
C) The IP Address specified in the sinkhole configuration
upvoted 0 times
...
Jean
8 months ago
B) The IP Address of the command-and-control server
upvoted 0 times
...
Catherin
8 months ago
A) The IP Address of sinkhole.paloaltonetworks.com
upvoted 0 times
...
...
Avery
8 months ago
Yeah, I agree with you. The sinkhole is designed to redirect the malware-infected host's traffic to a specific IP address, so C seems like the logical choice here. It's a pretty straightforward question, but I'm sure the exam will have some trickier ones too.
upvoted 0 times
...
Tamar
8 months ago
Hmm, this question seems to be testing our understanding of how DNS sinkholing works. I'm pretty sure the answer is C, the IP address specified in the sinkhole configuration. That's where the traffic would get redirected to, right?
upvoted 0 times
...
