Cisco Exam 350-701 Topic 4 Question 74 Discussion

Actual exam question for Cisco's 350-701 exam

Question #: 74
Topic #: 4

What are two recommended approaches to stop DNS tunneling for data exfiltration and command and control call backs? (Choose two.)

AUse intrusion prevention system.

BBlock all TXT DNS records.

CEnforce security over port 53.

DUse next generation firewalls.

EUse Cisco Umbrella.

Show Suggested Answer

Suggested Answer: C

by Fletcher at Aug 29, 2023, 01:48 AM

Limited Time Offer

25%

Off

Get Premium 350-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ciara

9 days ago

Hah, blocking all TXT records? What is this, the '90s? Next-gen firewalls and Cisco Umbrella are definitely the way to go. Security-conscious and future-proof.

upvoted 0 times

...

Marti

14 days ago

I'm not sure about blocking all TXT records, that could have some unintended consequences. I'd go with C and E - enforcing security on port 53 and using a solution like Cisco Umbrella.

upvoted 0 times