
Palo Alto Networks PSE-Strata Exam - Topic 1 Question 113 Discussion

Actual exam question for Palo Alto Networks's PSE-Strata exam
Question #: 113
Topic #: 1

An endpoint, inside an organization, is infected with known malware that attempts to make a command-and-control connection to a C2 server via the destination IP address.

Which mechanism prevents this connection from succeeding?

Suggested Answer: A

Jacquelyne
1 month ago
Not sure if DNS Proxy would do much in this case.
upvoted 0 times
...
Lorean
2 months ago
Wait, can Wildfire Analysis really stop that?
upvoted 0 times
...
Lajuana
2 months ago
Definitely DNS Sinkholing, it’s super effective!
upvoted 0 times
...
Michel
2 months ago
I think Anti-Spyware Signatures would work too.
upvoted 0 times
...
Noah
2 months ago
DNS Sinkholing is the way to go!
upvoted 0 times
...
Terina
3 months ago
Wildfire analysis sounds familiar, but I can't recall if it specifically stops command-and-control connections.
upvoted 0 times
...
Louisa
3 months ago
I practiced a similar question where DNS proxy was mentioned, but I don't think it directly prevents C2 connections.
upvoted 0 times
...
Ciara
4 months ago
I'm not entirely sure, but I feel like anti-spyware signatures could also help block known malware.
upvoted 0 times
...
France
4 months ago
I remember studying DNS sinkholing as a way to redirect malicious traffic, so I think that might be the right answer.
upvoted 0 times
...
Rory
4 months ago
This is a good test of our network security knowledge. I think the key is to focus on the fact that the malware is trying to make an outbound connection, so the solution would likely involve some kind of network-level control or monitoring to detect and block that activity. DNS sinkholing seems like the most straightforward approach.
upvoted 0 times
...
Vallie
4 months ago
I'm a little confused by the wording of the question. Is it asking about a specific mechanism, or just any mechanism that could prevent the connection? I want to make sure I understand the scope before I commit to an answer.
upvoted 0 times
...
Janessa
4 months ago
DNS sinkholing seems like the most likely answer here. By redirecting the malware's attempt to connect to the C2 server to a controlled server instead, it would effectively block the connection from succeeding. The other options don't seem as directly relevant to this specific scenario.
upvoted 0 times
...
Katie
5 months ago
Hmm, I'm a bit unsure about this one. There are a few options that seem plausible, but I'm not totally confident in my understanding of how each one would work to prevent the connection. I'll need to think it through carefully.
upvoted 0 times
...
Kimberlie
5 months ago
This seems like a straightforward question about network security mechanisms. I think the key is to focus on the fact that the malware is trying to make a command-and-control connection, so the solution would likely involve some kind of network-based control or monitoring.
upvoted 0 times
...
Germaine
5 months ago
Hmm, I think Anti-Spyware Signatures might be the answer. Gotta catch that malware before it can connect.
upvoted 0 times
...
Ollie
5 months ago
DNS Sinkholing, for sure! Redirecting that C2 traffic to a dead-end is the way to go.
upvoted 0 times
Iluminada
2 months ago
Best way to stop those connections!
upvoted 0 times
...
Loren
2 months ago
DNS Sinkholing, for sure!
upvoted 0 times
...
Carol
3 months ago
Totally agree, it’s effective!
upvoted 0 times
...
Roosevelt
3 months ago
Redirecting that C2 traffic is smart.
upvoted 0 times
...
...
Ulysses
7 months ago
I think the answer is A) DNS Sinkholing.
upvoted 0 times
...
