New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks PSE-Platform Exam - Topic 3 Question 80 Discussion

Actual exam question for Palo Alto Networks's PSE-Platform exam
Question #: 80
Topic #: 3
[All PSE-Platform Questions]

DNS sinkholing helps identify infected hosts on the protected network using DNS traffic in situations where the firewall cannot see the infected client's DNS query (that is, the firewall cannot see the originator of DNS query)

Which of the following Statements is true?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Jacqueline at Feb 07, 2025, 03:04 PM

Limited Time Offer

25%

Off

Get Premium PSE-Platform Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Juan
3 months ago
Wait, does sinkholing really need a special license? Sounds sketchy.
upvoted 0 times
...
Marg
3 months ago
Totally agree with C, that's how we catch the bad guys!
upvoted 0 times
...
Graciela
3 months ago
A is not necessary for sinkholing, just need the right setup.
upvoted 0 times
...
Mila
4 months ago
I think B is a bit off, never heard of a 'Fake Internet' called Zanadu.
upvoted 0 times
...
Lanie
4 months ago
C is definitely true, it's a solid way to spot infected hosts.
upvoted 0 times
...
Jeanice
4 months ago
I vaguely remember something about needing a license for sinkholing, but I can't recall if it was a SinkHole license or something else entirely.
upvoted 0 times
...
Micah
4 months ago
I practiced a similar question about DNS sinkholing, and I feel like the idea of a 'Fake Internet' was mentioned, but I'm not confident about the specifics of Zanadu.
upvoted 0 times
...
King
4 months ago
I think option C sounds familiar because it aligns with how we identify infected hosts in practice questions, but I can't recall the exact details.
upvoted 0 times
...
France
5 months ago
I remember reading that sinkholing helps with visibility issues, but I'm not sure if it specifically requires the Vulnerability Protection Profile to be enabled.
upvoted 0 times
...
Catalina
5 months ago
Ah, I see. DNS sinkholing creates a fake 'Zanadu' internet to redirect and monitor malware traffic. Option B describes that process, so I think that's the right answer.
upvoted 0 times
...
Aimee
5 months ago
The key here is that DNS sinkholing is used to identify infected hosts when the firewall can't see the originating DNS queries. Option C seems to capture that idea well, so I'll go with that.
upvoted 0 times
...
Daniela
5 months ago
Hmm, I'm a bit confused by the details here. I'll need to carefully read through each option and think through the key concepts to make sure I understand before selecting an answer.
upvoted 0 times
...
Dewitt
5 months ago
This question seems straightforward. I'm pretty confident I can identify the correct statement about how DNS sinkholing works.
upvoted 0 times
...
Rosenda
9 months ago
A is definitely wrong - the Vulnerability Protection Profile has nothing to do with DNS sinkholing. Sounds like someone just threw that in there to confuse us.
upvoted 0 times
...
Tyisha
10 months ago
D can't be right, why would you need a special license just to set up a sinkhole? That's overkill.
upvoted 0 times
Holley
8 months ago
C) Infected hosts can then be easily identified in the traffic logs because any host that attempts to connect the sinkhole IP address are most likely infected with malware.
upvoted 0 times
...
Ricki
9 months ago
B) Sinkholing malware DNS queries solves this visibilty problem by forging responses to the client host queries directed at fake domains created in a controlled 'Fake Internet' called Zanadu which designed for testing and honeypots.
upvoted 0 times
...
Ruth
9 months ago
A) DNS Sinkholing requires the Vulnerability Protection Profile be enabled.
upvoted 0 times
...
...
Tonette
10 months ago
B seems like the most comprehensive explanation of how DNS sinkholing works to identify infected hosts. I like the mention of the 'Fake Internet' - sounds like a fun place to explore!
upvoted 0 times
Rolande
9 months ago
User 3: Definitely, it's a clever way to identify infected hosts through DNS traffic.
upvoted 0 times
...
Gearldine
9 months ago
User 2: Yeah, I agree. It's interesting how they use a 'Fake Internet' for testing and honeypots.
upvoted 0 times
...
Cletus
9 months ago
User 1: I think B is the correct answer. It explains how sinkholing works by creating fake domains in a controlled environment.
upvoted 0 times
...
...
Domitila
10 months ago
Option C sounds like the correct answer. Tracing infected hosts through their attempts to connect to the sinkhole IP makes a lot of sense.
upvoted 0 times
Glennis
9 months ago
I agree. It's an effective method to detect malware activity on the network.
upvoted 0 times
...
Charlesetta
9 months ago
Yes, that's right. It's a clever way to identify infected hosts without directly seeing the DNS query originator.
upvoted 0 times
...
Sharmaine
9 months ago
Option C sounds like the correct answer. Tracing infected hosts through their attempts to connect to the sinkhole IP makes a lot of sense.
upvoted 0 times
...
...
Ryan
11 months ago
I'm not sure, but I think the answer might be D.
upvoted 0 times
...
Detra
11 months ago
I disagree, I believe the answer is B.
upvoted 0 times
...
Broderick
11 months ago
I think the answer is C.
upvoted 0 times
...

Save Cancel