Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
A . An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
B . An organization is experiencing excessive traffic on port 53 and suspects an attacker is trying to DoS the domain name server.
C . Malware trying to resolve an unregistered domain name to determine if it is running in an isolated sandbox
D . Routing tables have been compromised, and an attacker is rerouting traffic to malicious websites
Answer: A
Latest SY0-601 Dumps Valid Version with 396 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
A DNS sinkhole, also known as a sinkhole server, Internet sinkhole, or Blackhole DNS is a DNS server that has been configured to hand out non-routable addresses for a certain set of domain names. Every computer that uses the sinkhole will fail to access the real site. The higher up the DNS resolution chain the sinkhole is, the more requests it will block as it will supply answers to a greater number of lower NS servers that in turn will serve a greater number of clients. Some of the larger botnets have been made unusable by TLD sinkholes that span the entire Internet. DNS Sinkholes are effective at detecting and blocking bots and other malicious traffic.
Looks like answer :D) to me