ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 323 discussion

Actual exam question from CompTIA's CS0-002
Question #: 323
Topic #: 1
[All CS0-002 Questions]

A new variant of malware is spreading on the company network using TCP/443 to contact its command-and-control server. The domain name used for callback continues to change, and the analyst is unable to predict future domain name variance. Which of the following actions should the analyst take to stop malicious communications with the LEAST disruption to service?

  • A. Implement a sinkhole with a high entropy level.
  • B. Disable TCP/53 at the perimeter firewall.
  • C. Block TCP/443 at the edge router.
  • D. Configure the DNS forwarders to use recursion.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by db97 at Feb. 21, 2023, 6:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
karpal
1 year, 10 months ago
Selected Answer: A
A. Implement a sinkhole with a high entropy level. // I chosed it as the rest do not make sense B. Disable TCP/53 at the perimeter firewall. // DNS will stop working C. Block TCP/443 at the edge router. // internet will stop working for all emplolyees in the company. D. Configure the DNS forwarders to use recursion. // all DNS forwarderds are using recursion anyhow...
upvoted 2 times
...
Farzananazy
2 years, 1 month ago
Selected Answer: A
option A, implementing a sinkhole with a high entropy level, would be the best action to take to stop the malicious communications with the least disruption to service.
upvoted 2 times
2Fish
2 years, 1 month ago
Agree. Sinkhole with high entropy to make it more difficult for attackers to figure out where the sinkhole is.
upvoted 1 times
...
...
db97
2 years, 2 months ago
Agree with A
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago