DNS servers have traditionally been the targets of attacks: DDoS attacks, cache poisoning attacks and more. But we’ll look at recent developments that allow you to instrument your DNS servers to become security tools: to implement a policy governing name resolution based on the reputation of domain names and IP addresses, and to use DNS telemetry to identify patterns of malicious use.

Learning Objectives:
1: Learn how DNS is used by malicious actors throughout the malware lifecycle.
2: Learn how to use response policy zones to implement DNS resolution policies.
3: Learn how to collect passive DNS data and the analytics possible using this data.