Cisco

352-001 Question #239: Real Exam Question with Answer & Explanation

The correct answer is B: redirect an attack away from its target. A sinkhole redirects malicious or unwanted traffic to a controlled destination and allows analysts to monitor that traffic, making B and C the correct answers.

Question

Which two actions can the sinkhole technique be used to perform? (Choose two.)

Options

  • A. delay an attack from reaching its target
  • B. redirect an attack away from its target
  • C. monitor attack noise, scans, and other activity
  • D. reverse the direction of an attack

Explanation

A sinkhole redirects malicious or unwanted traffic to a controlled destination and allows analysts to monitor that traffic, making B and C the correct answers.

Common mistakes.

  • A. A sinkhole does not delay an attack - it redirects traffic immediately with no buffering or time-delay mechanism involved.
  • D. A sinkhole does not reverse the direction of an attack back toward the attacker; it simply diverts traffic to a controlled monitoring point without retaliating.

Concept tested. DNS and IP sinkhole technique for attack redirection and monitoring

Reference. https://www.cisco.com/c/en/us/about/security-center/intelligence-group/threat-research/sinkholes.html
