A company is receiving emails with links to phishing sites that look very similar to the company's own website address and content. Which of the following is the BEST way for the company to mitigate this attack?
A.
Create a honeynet to trap attackers who access the VPN with credentials obtained by phishing.
B.
Generate a list of domains similar to the company's own and implement a DNS sinkhole for each.
C.
Disable POP and IMAP on all Internet-facing email servers and implement SMTPS.
D.
Use an automated tool to flood the phishing websites with fake usernames and passwords.
DNS sinkhole prevents users from entering the site if they have a sinkhole for the domain name. So making a list of fake websites domain name and making a sinkhole will prevent access to these website if a user tried to search for it on accident.
MorganB 0 minutes ago Awaiting moderator approval
Pass my exam 27, April 23. This question was on my tested worded differently but the answer is the same.
The best way for the company to mitigate the phishing attack described is by generating a list of domains that are similar to the company's own domain and implementing a DNS sinkhole for each of these domains. A DNS sinkhole is a technique used to redirect malicious traffic to a controlled environment or block access to malicious domains.
By implementing a DNS sinkhole for similar-looking domains, the company can prevent users from accessing phishing sites that may impersonate the company's website. When users click on links in the phishing emails, their DNS requests for those domains will be redirected to a safe location, preventing them from reaching the actual phishing sites. This approach helps protect users from falling victim to the phishing attack and helps in mitigating the risk of credential theft and other malicious activities associated with phishing.
By generating a list of domains that are similar to the company's own and implementing a DNS sinkhole for each of these domains, the company can prevent users from accessing phishing sites that look similar to their legitimate website. A DNS sinkhole involves redirecting traffic from the malicious domains to a non-existent or controlled server, effectively blocking users from accessing the phishing sites.
This approach is an effective way to mitigate the phishing attack and protect users from falling victim to the fraudulent websites. It helps in preventing data loss and protecting the company's reputation from being exploited by attackers.
I'm pretty sure D is illegal. Probably would work but takes a lot of resources, can be mitigated if the target uses proper protection, and like I said is ethically and legally questionable.
B. Generate a list of domains similar to the company's own and implement a DNS sinkhole for each would be the best way for the company to mitigate this attack. By generating a list of domains similar to the company's own and implementing a DNS sinkhole for each, the company can prevent users from accessing the phishing sites. A DNS sinkhole is a technique used to block access to malicious websites by redirecting requests for those sites to a non-existent IP address or a local web server that displays a warning message. This can help to prevent users from inadvertently accessing phishing sites that look similar to the company's own website.
The best way for the company to mitigate this attack would be to implement a DNS sinkhole for domains similar to the company's own. A DNS sinkhole is a security measure that redirects traffic from known malicious or fraudulent websites to a safe location. By generating a list of domains similar to the company's own and setting up a DNS sinkhole for each, the company can prevent employees from accidentally accessing phishing websites that mimic the company's own domain. Other solutions such as disabling POP and IMAP on email servers, implementing SMTPS, or using an automated tool to flood phishing websites with fake credentials may also be effective, but a DNS sinkhole would be the most direct and effective way to prevent employees from accessing the phishing sites. Creating a honeynet would not be relevant in this scenario.
After consideration Im choosing B -> I think the question implies that Typosqueatting is also on the table. So setting an internal DNS sinkhole that redirects all similar addresses (including the ones being used on the phishing campaign) to nothing will help mitigate this attack
This section is not available anymore. Please use the main Exam Page.SY0-601 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Josh_Feng
Highly Voted 2 years, 10 months agoComPCertOn
1 year, 7 months agoMorganB
Highly Voted 2 years, 2 months agoApplebeesWaiter1122
Most Recent 1 year, 11 months agoProtract8593
1 year, 11 months agoDutch012
2 years, 2 months agorline63
1 year, 10 months agoMasterControlProgram
2 years, 3 months agoFMMIR
2 years, 6 months agoRonWonkers
2 years, 9 months agostoneface
2 years, 10 months agozzzfox
2 years, 9 months agoGino_Slim
2 years, 8 months agostoneface
2 years, 10 months agoandrizo
2 years, 8 months ago