Broadcom 250-586 Exam - Topic 2 Question 27 Discussion

When configuring DNS change detection for SONAR, two available options are Block and Log. These options allow administrators to define how SONAR should respond to unexpected or suspicious DNS changes.

Block: This option enables SONAR to immediately block DNS changes that it detects as potentially malicious, preventing suspicious DNS redirections that could expose endpoints to threats like phishing or malware sites.

Log: Selecting Log allows SONAR to record DNS changes without taking direct action. This option is useful for monitoring purposes, providing a record of changes for further analysis.

Explanation of Why Other Options Are Less Likely:

Option B (Active Response) and Option C (Quarantine) are generally associated with threat responses but are not specific to DNS change detection.

Option E (Trace) is not an available response option for DNS changes in SONAR.

Therefore, the correct options for configuring DNS change detected for SONAR are Block and Log.