🔥 3-day streak
CompTIA SecurityX (CAS-005)34 / 120
Question 34 of 120
A financial services company is designing a resilient enterprise architecture. Their threat model identifies data exfiltration via DNS tunneling as a critical risk because compromised endpoints have been observed encoding stolen data into DNS queries to attacker-controlled authoritative name servers. The security architect must design a control that preserves normal name resolution for legitimate business while preventing covert data channels over DNS. Which design approach BEST addresses this requirement?
Reviewed for accuracy · Report an issueNext question