Feedback
Course Outline
Access over 50+ self-paced, online and face-to-face training courses.
For
more courses, please visit the Course Catalogue.
Open Tutorial: DNSSEC Fundamentals (0.5 days)
Synopsis
The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS Security / DNSSEC concepts, configurations, and operations.
This course will discuss the concept of DNSSEC in detail, including validation, signing, and key rollover.
Target audience
This course is designed for systems engineers and administrators who will be managing their DNS infrastructure.
Prerequisites
It is assumed that participants have a understanding of:
- Network operations, Internet technologies, OSI reference model and TCP/IP.
- Basic Linux command line (CLI) skills.
We recommend the following Academy courses be completed before the start of the tutorial:
- Routing Basics: https://academy.apnic.net/en/course/routing-fundamentals-course/
- Linux Basics virtual lab: https://academy.apnic.net/en/virtual-labs/
- DNS Concepts: https://academy.apnic.net/en/webinar-courses/dns-concepts
Other requirements
- Online – Participants are advised to bring their own laptop or desktop computers with high-speed internet access and administrative access to system. It is also recommended that computers have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
- Face to face – Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
- Software: SSH Client, Telnet Client, VirtualBox/VMware
- Confirm Secure SHell (SSH) is allowed from the office or home network to access the lab infrastructure? Test ssh connectivity, try to connect to route-views.routeviews.org. For example from the CLI type: ssh [email protected]
- Attendees must have an APNIC Academy login account. If you don’t have one already, you can create an account for free at https://academy.apnic.net/
- Please test the speed of your Internet connection to the servers where the Virtual Machines (VMs) are hosted at the Learn on Demand data centres, using the speed test tool at https://www.learnondemandsystems.com/speedtest/
Course outline
- DNSSEC technical overview
- DNSSEC validation
- DNSSEC zone signing