This course is provided by Wintrac.
Wintrac provides one stop shopping for all your IT
training needs. Wintrac’s course catalog of over two thousand courses includes courses on
DNS training
DNS Training Description:
Reliable and robust operation of the DNS hierarchy - from the root servers to an individual domain name server - is critical to all Internet operations. The course covers administrative security, Stealth configurations, load-balancing, failover strategies, best practises and DHCP integration with DDNS. While the primary focus of the course is BIND other DNS software will be discussed.
Students will review the theory behind the DNS hierarchy, the DNS protocol, forward and reverse mapping zone files. The DNS can be used for a number of purposes each of which is covered in detail: Stealth (DMZ) Configuration; Load-balancing and failover (strategies and limitations); securely auto-updating the DNS by integration with DHCP; administrative security and best-practices; SPF(TXT) RRs; Advanced Diagnostics and debugging. The course includes a number of hands on configuration exercises.
The primary focus of the course is BIND which is available on Linux, UNIX and Windows platforms. The course is offered with Linux (Fedora Core), FreeBSD or Windows 2003 as the platform for all exercises.
DNS Training Audience:
The course is designed for experienced DNS administrators, Network and System Administrators and those who need an understanding of DNS capabilities.
DNS Training Course duration:
1 day. This course can also be added to the Basic DNS Course to create a three day course.
DNS Training Course outline:
Module 1: DNS Refresher
- The DNS hierarchy (name servers and resolvers)
- Authoritative and cached responses
- Delegation - Parent and child domains
- Forward and Reverse mapping
- Zone files - best practice
- DNS types
- Diagnostic Tools - DIG, NSLOOKUP
- DNS software - options and overview
Module 2: DNS Security Basics
- Security overview
- Security threat analysis
- DNS security scope (Zone transfer, DDNS, Zone integrity)
- Stealth configuration
- Administrative security (jails, permissions, server configurations)
- BIND Logs
- BIND's server clause
- Cache Poisoning 101
- RNDC - advanced configuration
- Mail Anti-SPAM (SPF, DKIM)
- Software diversity
Module 3: Stealth Configurations
- Configuration objectives
- Authoritative Only servers
- Hidden Masters
- BIND's view clause - benefits and limitations
- BIND and NSD
- Implications - zone transfer, DDNS, logs
- Exercise
Module 4: Load-Balancing and Failover
- Objectives and Strategies
- DNS and other solutions
- RR type strategies
- Benefits and limitations
- rrset-order and sortlist
- Exercise
Module 5: DNS and DHCP
- Objectives and Strategies
- DDNS for auto-update of forward maps
- Reverse maps
- Securing DDNS
- IPv6 implications
- DNS in Heterogeneous environments (Windows/Linux/Unix)
- Exercise
Module 6: Summary