When a malware-infected host attempts to resolve a known command-and-control server, the traffic matches a security policy with DNS sinhole enabled, generating a traffic log.
What will be the destination IP Address in that log entry?
A . The IP Address of sinkhole.paloaltonetworks.com
B . The IP Address of the command-and-control server
C . The IP Address specified in the sinkhole configuration
D . The IP Address of one of the external DNS servers identified in the anti-spyware database
Answer: C
Explanation:
https://live.paloaltonetworks.com/t5/MaHYPERLINK "https://live.paloaltonetworks.com/t5/Management-Articles/How-to-Verify-DNS-Sinkhole-Function-
is-Working/ta-p/65864"naHYPERLINK "https://live.paloaltonetworks.com/t5/Management-
Articles/How-to-Verify-DNS-Sinkhole-Function-is-Working/ta-p/65864"gement-Articles/How-to-Verify-DNS-Sinkhole-Function-is-Working/ta-p/65864