Which of the following Event Search queries would only find the DNS lookups to the domain: www.randomdomain.com?
To find DNS lookups specifically for the domain www.randomdomain.com, the query must include both the event type and the exact domain name. Option A uses the appropriate event type (DnsRequest) and specifies the full domain name (www.randomdomain.com), making it the correct query for this task.
A. event_simpleName=DnsRequest DomainName=www.randomdomain.com
I think it is A because we do not need to put the Computer Name as Host. We are only interested in the domain address.
B: This would not match www.randomdomain.com without using *
C: Same as B
D: This one works, but it is not written in the best practice format. The use of 'ComputerName' diverts the success criteria of the question.