When configuringDNS change detection for SONAR, two available options areBlockandLog. These options allow administrators to define how SONAR should respond to unexpected or suspicious DNS changes.
Block: This option enables SONAR to immediately block DNS changes that it detects as potentially malicious, preventing suspicious DNS redirections that could expose endpoints to threats like phishing or malware sites.
Log: Selecting Log allows SONAR to record DNS changes without taking direct action. This option is useful for monitoring purposes, providing a record of changes for further analysis.
Explanation of Why Other Options Are Less Likely:
Option B (Active Response)andOption C (Quarantine)are generally associated with threat responses but are not specific to DNS change detection.
Option E (Trace)is not an available response option for DNS changes in SONAR.
Therefore, the correct options for configuringDNS change detected for SONARareBlockandLog.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit