This two-day hands on DNS training course studies both the UNIX BIND and the Microsoft (MS DNS) implementations. The course follows on from our Definitive DNS for engineers course starting with best practices. The majority of the course is spent on securing DNS and in particular DNSSEC. Some parts are specific to BIND. Students choose whether to use Windows or UNIX for the hands on sessions.
MX and PTR records, lame delegations,
disallowing recursion, TTLs, online testing.
Hands on Review of your DNS servers.
Partitioning internal and external DNS, views.
Hands on Implementing split DNS.
ACLs, recursion, queries, trusted sources, chroot
jail, secure BIND template.
Hands on Securing the DNS server.
What is DNSSEC? DNSSEC benefits, DNSSEC
RRs. DNSKEY, RRSIG, NSEC, DS.
Hands on Creating DNSSEC keys.
TSIG, shared secret. Securing DDNS.
Hands on Secure file transfers.
Trusted anchors, Chains of trust, Zone status,
Zone signing, Keys. ZSK, KSK, adding keys to a
zone file. Secure delegations.
Hands on Zone signing
Key rollover, pre publish, double signing, rollover cache.
"Able to customise course which was excellent."
"Great course for such a huge and important topic."
This structured training course seeks to build upon workbook learning through the use of group exercises, dynamic discussion and individual tasks in order to deliver an engaging and interactive module that will ensure all candidates are able to transfer their new skills into the workplace.