What should a cybersecurity analyst look for to detect DNS tunneling?

IT Questions BankCategory: CyberOps AssociateWhat should a cybersecurity analyst look for to detect DNS tunneling?

What should a cybersecurity analyst look for to detect DNS tunneling?

  • longer than average DNS queries
  • incorrect MAC to IP address mappings
  • gratuitous ARP requests
  • rogue DHCP servers

Explanation: DNS tunneling can frequently be detected by looking for unusual DNS queries, such as those that are too long or query for an unusual domain name.

Exam with this question: 17.2.8 Check Your Understanding - Network Services Attacks

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments