Cisco Exam 350-701 Topic 4 Question 74 Discussion

Actual exam question for Cisco's 350-701 exam

Question #: 74
Topic #: 4

What are two recommended approaches to stop DNS tunneling for data exfiltration and command and control call backs? (Choose two.)

AUse intrusion prevention system.

BBlock all TXT DNS records.

CEnforce security over port 53.

DUse next generation firewalls.

EUse Cisco Umbrella.

Show Suggested Answer

Suggested Answer: C

by Fletcher at Aug 29, 2023, 01:48 AM

Limited Time Offer

25%

Off

Get Premium 350-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Cecily

2 months ago

Wait, are we actually talking about DNS tunneling? I thought this was a question about making the perfect grilled cheese sandwich. Rookie mistake.

upvoted 0 times

...

Estrella

2 months ago

Hmm, B and D sound good in theory, but I'd be worried about false positives. C and E are probably the safer bets here.

upvoted 0 times

Carri

9 days ago

It's important to weigh the pros and cons of each approach before implementing.

upvoted 0 times

...

My

10 days ago

C and E are definitely safer options to consider.

upvoted 0 times

...

Juliana

27 days ago

I agree, false positives can be a concern with B and D.

upvoted 0 times

...

Ciara

2 months ago

Hah, blocking all TXT records? What is this, the '90s? Next-gen firewalls and Cisco Umbrella are definitely the way to go. Security-conscious and future-proof.

upvoted 0 times

Susy

1 months ago

E) Use Cisco Umbrella.

upvoted 0 times

...

Rozella

2 months ago

D) Use next generation firewalls.

upvoted 0 times

...

Mozell

2 months ago

A) Use intrusion prevention system.

upvoted 0 times

...

Marti

2 months ago

I'm not sure about blocking all TXT records, that could have some unintended consequences. I'd go with C and E - enforcing security on port 53 and using a solution like Cisco Umbrella.

upvoted 0 times