DNS Security Management

An advanced Domain Name System (DNS) security resource that explores the operation of DNS, its vulnerabilities, basic security approaches, and mitigation strategies  

DNS Security Management offers an overall role-based security approach and discusses the various threats to the Domain Name Systems (DNS). This vital resource is filled with proven strategies for detecting and mitigating these all too frequent threats. The authors—noted experts on the topic—offer an introduction to the role of DNS and explore the operation of DNS. They cover a myriad of DNS vulnerabilities and include preventative strategies that can be implemented.

Comprehensive in scope, the text shows how to secure DNS resolution with the Domain Name System Security Extensions (DNSSEC). In addition, the text includes discussions on security applications facility by DNS, such as anti-spam, SPF, DANE and related CERT/SSHFP records. This important resource:

• Presents security approaches for the various types of DNS deployments by role (e.g., recursive vs. authoritative)
• Discusses DNS resolvers including host access protections, DHCP configurations and DNS recursive server IPs
• Examines DNS data collection, data analytics, and detection strategies

With cyber attacks ever on the rise worldwide, DNS Security Management offers network engineers a much-needed resource that provides a clear understanding of the threats to networks in order to mitigate the risks and assess the strategies to defend against threats.

Table of Contents

Chapter 1 Introduction
Chapter 2 Introduction To The Domain Name System (Dns)
Chapter 3 Dns Protocol And Messages
Chapter 4 Dns Vulnerabilities
Chapter 5 Dns Trust Sectors
Chapter 6 Security Foundation
Chapter 7 Service Denial Attacks
Chapter 8 Cache Poisoning Defenses
Chapter 9 Securing Authoritative Dns Data
Chapter 10 Attacker Exploitation Of Dns
Chapter 11 Malware And Apts
Chapter 12 Dns Security Strategy
Chapter 13 Dns Applications To Improve Network Security
Chapter 14 Dns Security Evolution
Appendix A: Cybersecurity Framework Core DNS Example
Appendix B: DNS Resource Record Types