Nathan wants to prevent systems that are infected with malware from connecting to a botnet controller that he knows the hostnames for. What type of solution can he use to prevent the systems from reaching the controller?

A Domain Name System (DNS) sinkhole is a DNS server used to spoof DNS servers that would normally resolve an unwanted to a malicious hostname. Traffic can be sent to a legitimate system, causing warnings to appear on the user’s screen, or simply sent to a null route or nonexistent system. An intrusion detection system (IDS) cannot stop traffic, round-robin DNS is a way to spread DNS traffic, and a WAF is a web application firewall, and nothing in this question indicates that there is a web-specific issue.