DNS servers have traditionally been the targets of attacks: DDoS attacks, cache poisoning attacks and more. But we’ll look at recent developments that allow you to instrument your DNS servers to become security tools: to implement a policy governing name resolution based on the reputation of domain names and IP addresses, and to use DNS telemetry to identify patterns of malicious use.
Learning Objectives: 1: Learn how DNS is used by malicious actors throughout the malware lifecycle. 2: Learn how to use response policy zones to implement DNS resolution policies. 3: Learn how to collect passive DNS data and the analytics possible using this data.