Palo Alto Networks Exam PCNSC Topic 1 Question 70 Discussion

Actual exam question for Palo Alto Networks's Palo Alto Networks Certified Network Security Consultant exam

Question #: 70
Topic #: 1

[All Palo Alto Networks Certified Network Security Consultant Questions]

When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security policy with DNS sinhole enabled, generating a traffic log.

What will be the destination IP Address in that log entry?

AThe IP Address of sinkhole.paloaltonetworks.com

BThe IP Address of the command-and-control server

CThe IP Address specified in the sinkhole configuration

DThe IP Address of one of the external DNS servers identified in the anti-spyware database

Show Suggested Answer

Suggested Answer: C

https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Verify-DNS-Sinkhole-Function-is-Working/ta-p/65864

by Devora at Mar 06, 2024, 07:23 PM

Limited Time Offer

25%

Off

Get Premium PCNSC Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Shawana

11 days ago

Haha, you guys are really overthinking this. It's obviously C - the IP address specified in the sinkhole configuration. The sinkhole is where the traffic is being redirected, so that's what's going to be logged.

upvoted 0 times

...

Carlton

12 days ago

I'm not so sure about that, Sanjuana. If the traffic is being redirected to the sinkhole, then I think the log would show the IP address of the sinkhole, which is C. That's my guess.

upvoted 0 times

...

Sanjuana

13 days ago

I'm leaning towards B - the IP address of the command-and-control server. That's the original destination the malware-infected host was trying to reach, so I think that's what would be logged.

upvoted 0 times

...

Jesus

14 days ago

Hmm, this is an interesting one. I'm not entirely sure, but I think the answer might be C - the IP address specified in the sinkhole configuration. That makes the most sense to me, since the traffic is being redirected to the sinkhole.

upvoted 0 times

...