Skip to Main Content
Windows Server 2022 & Powershell All-in-One For Dummies
book

Windows Server 2022 & Powershell All-in-One For Dummies

by Sara Perrott
March 2022
Beginner content levelBeginner
784 pages
18h 19m
English
For Dummies
Content preview from Windows Server 2022 & Powershell All-in-One For Dummies

Chapter 7

Securing Your DNS Infrastructure

IN THIS CHAPTER

check Understanding how DNSSEC can protect your DNS services

check Examining DANE and how it complements DNSSEC

check Securing DNS with HTTPS

Domain Name System (DNS) is a requirement of Active Directory and is what makes networks easier to work with. With DNS, you don’t have to remember IP addresses — you can just remember simple names instead. Imagine, though, that a criminal was able to make your systems believe that their DNS server was your DNS server. You and your users could be redirected to a malicious site.

In this chapter, you learn how to secure your DNS infrastructure using DNS Security Extensions (DNSSEC) and DNS-based Authentication of Named Entities (DANE).

Understanding DNSSEC

DNSSEC was designed to prevent attackers from hijacking the DNS lookup process and protect users from being given addresses to malicious servers. DNSSEC signs zones and records, which allows the endpoint that made the query to validate that a DNS record is a valid record, or if it’s redirecting to an invalid and potentially malicious location instead (DNS cache poisoning).

By digitally signing the root zone in your DNS infrastructure, you can give ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Mastering Windows PowerShell Scripting - Third Edition

Mastering Windows PowerShell Scripting - Third Edition

Chris Dent

Publisher Resources

ISBN: 9781119867821Purchase Link