SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThere has been growing interest in the use of DNS RPZ (domain name system response policy zones) as a mechanism to defend against malware on the web. This paper will examine the history of DNS RPZ, its applications (including malware and phishing) and experience of its deployment instead of other layer 7 based filtering systems. This paper will provide a step-by-step process for configuring DNS RPZ in BIND, as well as ancillary services for logging and manual manipulation of the RPZ, and examines the need for user education and response to 'false positives'.