Question

What is a protection provided by Microsoft Defender for DNS?

[A] Malware communicating with C&C server
[B] Malware encrypting data on a Device
[C] Malware enumerating user on a Device
[D] Malware spreading through emails

Answer 1

Microsoft Defender provides DNS protection mainly by blocking malware from communicating with C&C servers, which is essential for preventing the control attackers have over compromised systems and stopping further spread of malware.

Step-by-step explanation:

The protection provided by Microsoft Defender for DNS is [A] Malware communicating with C&C (Command and Control) server.

The Defender for Endpoint includes features designed to detect and block attempts by malware to communicate with C&C servers over the network.

This is critical for stopping the spread of malware and interrupting the control attackers have over compromised systems.

By monitoring DNS queries, Microsoft Defender can identify suspicious domains that are often used by malware to establish communication with their C&C servers and take action to prevent data exfiltration and further infection.