Palo Alto Networks System Engineer – Strata — Question 57

What are two benefits of the sinkhole Internet Protocol (IP) address that DNS Security sends to the client in place of malicious IP addresses? (Choose two.)

Answer options

• A. It represents the remediation server that the client should visit for patching.
• B. In situations where the internal DNS server is between the client and the firewall, it gives the firewall the ability to identify the clients who originated the query to the malicious domain.
• C. The client communicates with it instead of the malicious IP address.
• D. It will take over as the new DNS resolver for that client and prevent further DNS requests from occurring in the meantime.

Correct answer: B, C

Explanation

Option B is correct because it allows the firewall to track down which clients are querying the malicious domain, enhancing security. Option C is also correct as it ensures the client connects to the sinkhole IP instead of a harmful IP, preventing potential attacks. Options A and D do not accurately represent the function of the sinkhole IP in this context.