How DNS Works (And Why Hackers Love It)
What You’ll Learn
DNS seems simple on the surface—your computer asks for an IP address and gets one back. But the full resolution process involves recursive resolvers, authoritative name servers, caching, TTLs, and a chain of trust that attackers know how to abuse at every link. This session walks through the entire DNS resolution process step by step, then uses that foundation to explain exactly how DNS-based attacks work and why they’re so hard to detect.
You’ll learn how recursive and iterative DNS queries work and where the difference matters, what DNS tunneling is and how attackers use it to smuggle data past firewalls, how DNS cache poisoning and spoofing attacks are executed, and how DNSSEC works and why it’s still not universally adopted. We’ll also cover what defenders should be monitoring in DNS logs and which tools and techniques analysts use to catch DNS-based threats in the wild.
Who Should Attend
This session is designed for IT professionals and security practitioners who want to move beyond surface-level knowledge of DNS and understand it well enough to both explain and defend against DNS-based attacks. It’s particularly valuable for Network+ and CCNA candidates who encounter DNS on their exams but want to see how it plays out in real security contexts, as well as SOC analysts, network administrators, and anyone studying for Security+, CySA+, or CEH who wants to see protocol fundamentals applied to real-world attack scenarios.
Exclusive Benefits for Attendees
- Full recording of the session for future reference
- DNS attack reference guide covering tunneling, spoofing, and cache poisoning
- DNS monitoring and detection checklist for defenders
- Live Q&A with a certified networking and security instructor
- Certificate of Attendance for your professional records
Event Topic
Employee Training & Development, IT, Security