DNS/DNSSEC (5 days)
The Domain Name System (DNS) is a critical part of Internet infrastructure and the largest distributed Internet directory service. DNS translates names to IP addresses, a required process for web navigation, email delivery, and other Internet functions. However, the DNS infrastructure is not secure enough unless the security mechanisms such as Transaction Signatures (TSIG) and DNS Security Extensions (DNSSEC) are implemented. To guarantee the availability and the secure Internet services, it is important for networking professionals to understand DNS Security concepts, configurations, and operations.
This course will discuss the concept of DNS Security in detail, including mechanisms to authenticate the communication between DNS Servers to establish authenticity and integrity of DNS data. Participant will complete lab exercises based on number of scenarios.
This course is designed for network engineers, systems administrators, and anyone who is involved in managing DNS operations.
It is assumed that participants have a basic understanding of network operations, Internet technologies, OSI reference model and TCP/IP. In particular, you should be able to:
- Use a command line interface to configure:
- Mac OS
- Use the vi or nano text editor for Linux
Academy resources to be completed before start of workshop:
- Introduction to Domain Name Services (DNS)
- DNS configuration and setup
- Introduction to cryptography
- DNS Security concepts
- DNS Protocol Vulnerabilities
- Transaction Signatures (TSIG)
- DNS Security Extensions (DNSSEC)
- Setting up secure zones
- DNSSEC Key management
- An overview of other DNS technologies
Participants are advised to bring their own laptop computers with high-speed Wi-Fi (802.11a/g/n/ac) and administrative access to system. It is also recommended that laptops have Intel i5 or i7 processor, >=8GB of RAM and 30GB of free hard disk space.
Maximum number of attendees
40 participants per workshop.
Certificate of participation is provided upon successful completion of the course.