A piece of malware has gained access to a workstation and issued a DNS lookup query to a CnC server. What is the purpose of this attack?

IT Questions BankCategory: CCNA CyberOpsA piece of malware has gained access to a workstation and issued a DNS lookup query to a CnC server. What is the purpose of this attack?
A piece of malware has gained access to a workstation and issued a DNS lookup query to a CnC server. What is the purpose of this attack? 1ITExamAnswers Staff asked 6 months ago

A piece of malware has gained access to a workstation and issued a DNS lookup query to a CnC server. What is the purpose of this attack?

  • to request a change of the IP address
  • to send stolen sensitive data with encoding
  • to check the domain name of the workstation
  • to masquerade the IP address of the workstation

Explanation: A piece of malware, after accessing a host, may exploit the DNS service by communicating with command-and-control (CnC) servers and then exfiltrate data in traffic disguised as normal DNS lookup queries. Various types of encoding, such as base64, 8-bit binary, and hex can be used to camouflage the data and evade basic data loss prevention (DLP) measures.

More Questions: CCNA SECFND 210-250 Dumps – Certification Practice Exam Answers
More Questions: CyberOps Associate Final Exam Answers


Related Articles