Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PSE-Platform Topic 3 Question 80 Discussion

Actual exam question for Palo Alto Networks's PSE-Platform exam
Question #: 80
Topic #: 3
[All PSE-Platform Questions]

DNS sinkholing helps identify infected hosts on the protected network using DNS traffic in situations where the firewall cannot see the infected client's DNS query (that is, the firewall cannot see the originator of DNS query)

Which of the following Statements is true?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Jacqueline at Feb 07, 2025, 03:04 PM

Limited Time Offer

25%

Off

Get Premium PSE-Platform Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Rosenda
2 months ago
A is definitely wrong - the Vulnerability Protection Profile has nothing to do with DNS sinkholing. Sounds like someone just threw that in there to confuse us.
upvoted 0 times
...
Tyisha
2 months ago
D can't be right, why would you need a special license just to set up a sinkhole? That's overkill.
upvoted 0 times
Holley
23 days ago
C) Infected hosts can then be easily identified in the traffic logs because any host that attempts to connect the sinkhole IP address are most likely infected with malware.
upvoted 0 times
...
Ricki
25 days ago
B) Sinkholing malware DNS queries solves this visibilty problem by forging responses to the client host queries directed at fake domains created in a controlled 'Fake Internet' called Zanadu which designed for testing and honeypots.
upvoted 0 times
...
Ruth
1 months ago
A) DNS Sinkholing requires the Vulnerability Protection Profile be enabled.
upvoted 0 times
...
...
Tonette
2 months ago
B seems like the most comprehensive explanation of how DNS sinkholing works to identify infected hosts. I like the mention of the 'Fake Internet' - sounds like a fun place to explore!
upvoted 0 times
Rolande
1 months ago
User 3: Definitely, it's a clever way to identify infected hosts through DNS traffic.
upvoted 0 times
...
Gearldine
1 months ago
User 2: Yeah, I agree. It's interesting how they use a 'Fake Internet' for testing and honeypots.
upvoted 0 times
...
Cletus
2 months ago
User 1: I think B is the correct answer. It explains how sinkholing works by creating fake domains in a controlled environment.
upvoted 0 times
...
...
Domitila
2 months ago
Option C sounds like the correct answer. Tracing infected hosts through their attempts to connect to the sinkhole IP makes a lot of sense.
upvoted 0 times
Glennis
1 months ago
I agree. It's an effective method to detect malware activity on the network.
upvoted 0 times
...
Charlesetta
1 months ago
Yes, that's right. It's a clever way to identify infected hosts without directly seeing the DNS query originator.
upvoted 0 times
...
Sharmaine
2 months ago
Option C sounds like the correct answer. Tracing infected hosts through their attempts to connect to the sinkhole IP makes a lot of sense.
upvoted 0 times
...
...
Ryan
3 months ago
I'm not sure, but I think the answer might be D.
upvoted 0 times
...
Detra
3 months ago
I disagree, I believe the answer is B.
upvoted 0 times
...
Broderick
3 months ago
I think the answer is C.
upvoted 0 times
...

Save Cancel