Hackers shouldn’t be able to explore your internal network. To make sure they do not, you need to learn about split horizon DNS configuration. And it might help to know something about BIND, probably the most used DNS software on the internet.
In this lab, students will configure a split-horizon DNS infrastructure that consists of two DNS servers: An External DNS server and an Internal DNS server. The External DNS lives in the organization's DMZ network; it is used by external hosts to resolve names of servers in the DMZ. The Internal DNS lives in the organization's internal network and is reachable only by hosts on the internal network. It resolves names of hosts on the internal network.
The lab uses BIND, the most popular DNS server in use today.
Prerequisites
Basic network routing concepts (firewalls, subnets, etc.) as well as basic networking concepts (TCP/IP, DNS, etc.). Students should also be comfortable with the Unix/Linux command line.
Expected Duration
2 hours, self-paced. Pause and continue at any time.
2 CPEs awarded on successful completion.
Availability
Included if you are a subscriber to any of the following training packages:
- Level 1: Enterprise Instructional Labs
- Introduction to Network Security Lab Package
- Intrusion Detection and Prevention Lab Package
- Essential Tools for Network Engineering
- Secure Network Setup Package
- System Administrator 2
- Systems Security Analyst 2
- Cyber Defense Infrastructure Support Specialist 2
- Vulnerability Assessment Analyst 1
- Security Architect
- Authorizing Official/Designating Representative
- Level 3: Attack Scenarios, Attack/Defense/IR Exercises, and Instructional Labs
- Level 2: Attack/Defense/IR Exercises and Instructional Labs
