CompTIA Security+ (SY0-701) — Question 226

Which of the following best describes a use case for a DNS sinkhole?

Answer options

• A. Attackers can see a DNS sinkhole as a highly valuable resource to identify a company's domain structure.
• B. A DNS sinkhole can be used to draw employees away from known-good websites to malicious ones owned by the attacker.
• C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.
• D. A DNS sinkhole can be set up to attract potential attackers away from a company's network resources.

Correct answer: C

Explanation

The correct answer is C because a DNS sinkhole is specifically designed to intercept and capture traffic aimed at known-malicious domains, effectively mitigating potential threats. Options A and B incorrectly suggest that the sinkhole benefits attackers or misleads users, while D implies a defensive strategy that does not align with the primary functionality of a DNS sinkhole.