APNIC Training

eDNS03: DNS Security

DeliveryeLearning (this course is conducted online)
Duration1 hour
Level of StudyIntermediate


The DNS (or the Domain Name System) is a distributed, hierarchical system for mapping domain names to IP addresses. Because it plays a critical role in the proper functioning of the Internet infrastructure, DNS is often the target of exploit by malicious users.

This course will examine the vulnerabilities with the DNS protocol as well as introduce ways to protect our DNS data integrity. It will protect DNS transactions and the integrity of data.

Target Audience:

This course is designed for network engineers, systems administrators, and anyone who is involved in managing DNS operations.


Previous knowledge of the operations of DNS is required. The attendee must have implemented DNS before.

It is recommended that the participants attend eDNS01 course prior to attending this course.

Course Outline:

  • DNS Vulnerabilities
  • DNS Cache Poisoning
  • Securing the Nameservers
  • Transaction Signature (TSIG)
  • DNS Security Extensions (DNSSEC)
  • DNSSEC - New Resource Records
  • Signing the Zone

Other requirements:

  • Updated web browser with Adobe Flash Player 11 or above
  • Broadband connection running at a minimum of 256kbps or better
  • Headset (to reduce noise)

Maximum number of attendees:

50 participants per session


  • Free

All eLearning courses are free of charge for participants, with priority given to APNIC Members.

Upcoming Events


Download slides for this course (863.7 KB).