200-201 Question #411: Real Exam Question with Answer & Explanation
The correct answer is D: tunneling. DNS tunneling allows for data exfiltration by embedding data within DNS queries and responses, resulting in a high frequency of DNS requests to transmit information.
Question
An analyst performs traffic analysis to detect data exfiltration and identifies a high frequency of DNS requests in a small period of time. Which technology makes this behavior feasible?
Options
- A. access control list
- B. NAT
- C. encryption
- D. tunneling
Explanation
DNS tunneling allows for data exfiltration by embedding data within DNS queries and responses, resulting in a high frequency of DNS requests to transmit information.
Common mistakes.
- A. An access control list (ACL) is a security control that filters network traffic based on defined rules, typically preventing unauthorized access, not facilitating data exfiltration via DNS.
- B. Network Address Translation (NAT) maps private IP addresses to public ones, which is unrelated to using DNS for data exfiltration.
- C. While encryption protects data confidentiality, it doesn't inherently enable data exfiltration via DNS requests; rather, it could make the tunneled data harder to inspect.
Concept tested. DNS tunneling for data exfiltration
Reference. https://learn.microsoft.com/en-us/defender-for-cloud/alert-reference#dns-tunneling-detected