KT-NET DNS tunneling

Which control detects DNS tunneling without full TLS break?

Multiple choice — select one answer

Answer choices

  1. a. DNS logging with entropy/threat intel and blocking of uncategorized DGA domains
  2. b. Use hosts file only on DC, without security or identity team coordination per policy.
  3. c. Allow any A record, without security or identity team coordination per policy.
  4. d. Disable all DNS, without security or identity team coordination per policy.

Architectural breakdown & explanation

DNS analytics and threat feeds catch tunnel domains.

Correct answer(s): a. DNS logging with entropy/threat intel and blocking of uncategorized DGA domains

Exam domain: DNS tunneling (16% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Network Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.