DNS & BIND Advanced continues where DNS & BIND Fundamentals (DNSB-F) leaves off. It focuses on critical topics that do not fit into DNSB-F. These include security topics that are critical in today's Internet. DNS has exotic, out-dated, and rarely implemented features. Those are not covered. Like DNSB-F, this course mixes in-depth lectures and practical hands-on labs, which each student runs on his or her own server, which we provide.
Attending DNSB-A in the same week as DNSB-F is the most popular registration option. If that is appealing, register just once for the combined course, DNS & BIND Week (DNSB-W), which is less expensive than attending DNSB-F and DNSB-A independently.
This course was previously known as: Advanced DNS & BIND Hands-on Training
- Dynamic DNS (DDNS), NOTIFY, & Incremental Zone Transfers
- Extended DNS (EDNS)
- dnstap (Advanced Query & Response Logging)
- Catalog Zones(Automatic Zone Provisioning)
- Security: DNS Threats, Risks, Attacks, and Mitigation
(e.g. Spoofed Responses, Spoofed IPs, Reflection, Amplification, DDoS, Cache Poisoning, Hijacking, etc)
- Security: Cryptography in DNS (Symmetric / Asymmetric)
- Security: Response Policy Zones (RPZ)
- Security: Response Rate Limiting
- Security: DNS Cookies
- Security: Transaction Signatures
- Security: Address Match Lists & Access Control Lists (ACLs)
- Security: Implementing a DNSSEC Validating BIND Resolving Server
- Security: Proper Firewall Configuration for DNS
- Security: Minimal ANY
- Security: DNSSEC (DNS SECurity) Introduction
NOTE: DNSSEC is covered in-depth in the course: DNSSEC & BIND (DNSECB)
- Views (Split-DNS)
- RDNS: Empty Zones (Preventing Unanswerable Queries)
- RDNS: BIND Authoritative Selection
- RDNS: BIND Prefetch
- The CHAOS Class & its Practical Uses
- Common DNS Misunderstandings
- BIND Configuration for Course Topics
- Additionally: Several topics in DNSB-F are covered in greater detail.
Note: In some courses, due to time required for other topics and participants' interests, a topic may be reduced or skipped, or another added (e.g. DNS & IPv6 Fragmentation, DNS Geolocation, or Administrator Defined Resource Records). The decision is made by the instructor with input from the participants.
It is strongly recommended to attend DNS & BIND Fundamentals (DNSB-F) before DNSB-A. Even participants with extensive experience tell us that DNSB-F fills in knowledge gaps, helps them understand how topics they know actually work and why, and corrects their misunderstandings. If you would like to attend DNSB-A without first attending DNSB-F, email us a request for a placement test.
The labs require working on the command-line in a Linux shell. Without familiarity with basics such as
cat and using a text editor, a participant will face difficulties. While experience is strongly recommended, advanced command-line skills are not needed. For the text editor, working with vi or emacs is not required, as a simple editor, nano, is also available. An understanding of IP addressing is helpful.
A participant must bring a computer with an Ethernet port, a keyboard, and an SSH client. (
PuTTY is an example of an SSH client for Windows). The laptop must be able to get an IPv4 address with DHCP over the port. Please note the Ethernet port requirement, as some laptops require an adapter for Ethernet. A computer without a physical keyboard, for example a tablet, is not recommended, and will additionally fail to meet the Ethernet port requirement.
DNS & BIND Training
This is DNS & BIND training, Men & Mice products are not included in the course. If Men & Mice Suite training is required, options are available.
Cost / Duration / Course Book and Lab Guide (only for Public training classes)
- $1890 (USD) (The public course includes vouchers for a free certification exam attempts, and lunch each day. The vouchers are valid for one year.)
- Official ISC Training Material
Please read our Cancellation policy
About Men & Mice Training
Men & Mice is the exclusive training partner of the ISC, which develops the most widely used DNS software, BIND.