Which security measure uses a temporary DNS record to route malicious traffic to a controlled IP?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Which security measure uses a temporary DNS record to route malicious traffic to a controlled IP?

Explanation:
DNS sinkholing redirects traffic destined for known malicious domains to a controlled IP by using temporary DNS records. When a malware-infected device requests a bad domain, the DNS response points to a sinkhole address instead of the real destination, allowing defenders to monitor, log, or block that traffic and, if desired, serve safe content. This technique relies on manipulating DNS responses to route suspicious activity to an environment you control, making it possible to study and neutralize threats without letting them reach their actual servers.

Other options don’t fit: a firewall blocks or filters traffic but doesn’t reroute DNS queries to a controlled host; a honeypot is a decoy system to attract attackers rather than reroute DNS to monitor malicious requests; a VPN creates an encrypted tunnel for legitimate access, not redirection of malicious traffic via DNS.

