Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 322

What are two recommended approaches to stop DNS tunneling for data exfiltration and command and control call backs? (Choose two.)

Answer options

• A. Use Cisco Umbrella
• B. Use next generation firewalls.
• C. Block all 'TXT' DNS records.
• D. Use intrusion prevention system.
• E. Enforce security over port 53.

Correct answer: A, E

Explanation

Using Cisco Umbrella offers a cloud-based security solution that can effectively detect and block malicious DNS requests. Enforcing security over port 53 is crucial because it helps control DNS traffic and prevents unauthorized data exfiltration. The other options, while useful, do not specifically target DNS tunneling as effectively as the correct answers.