200-201 Question #326: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #326. The question stem and answer options stay visible for context.

Submitted by priya_blr· Mar 6, 2026Network Intrusion Analysis

Question

A network engineer noticed in the NetFlow report that internal hosts are sending many DNS requests to external DNS servers. A SOC analyst checked the endpoints and discovered that they are infected and became part of the botnet. Endpoints are sending multiple DNS requests, but with spoofed IP addresses of valid external sources. What kind of attack are infected endpoints involved in?

Options

ADNS tunneling
BDNS hijacking
CDNS amplification
DDNS flooding

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#DNS amplification#Botnet#DDoS attack#IP spoofing

Full 200-201 Practice Browse All 200-201 Questions