BlueCat Security and Advanced Configuration

BlueCat Security and Advanced Configuration is an 8-hour course

designed to teach security and advanced IPAM concepts to
administrators.

Prerequisites

This course assumes that attendees have a general understanding of

networking concepts and TCP/IP protocols, as well as a strong grasp of
DNS, DHCP and IPv4 addressing. Students should also have completed
the BlueCat Fundamentals course prior to taking this course.

Duration: 1 Day

Course Outline

MODULE 1: SECURING BLUECAT SYSTEMS

 Understand System User Accounts

 Configure HTTPS Support
 Enable STIG Compliance
 Understand Secure Communication between BlueCat Servers
 Labs – Enabling Best Practices and Configuring HTTPS

MODULE 2: SECURING DNS

 Understand DNS as a Target

 Understand Components Needing Securing including the Host Platform,
DNS Software, Zone and
 Configuration Files and Transactions
 Defining TSIG Keys
 Lab – Configuring TSIG Keys for Server Pairs

MODULE 3: DNS SECURE ARCHITECTURES

 DNS Roles and Responsibilities

 Understand the DNS Four Quadrant Architecture

MODULE 4: TYPES OF DNS ATTACKS

 Understand Types of DNS Attacks

 Lab – Configuring Response Rate Limiting
MODULE 5: DNSSEC

 What Does DNSSEC Do For You?

 Understand DNSSEC Components
 Configure DNSSEC Policies
 Sign Forward and Reverse DNS Zones
 Understand Key Management including Emergency Key Rollovers
 Configure a Validating Server
 Labs – Configuring DNSSEC on Authoritative and Recursive Servers

MODULE 6: DNS THREAT PROTECTION

 What is DNS Threat Protection?

 Configure DNS Threat Protection and Response Policy (RPZ) zones
 Lab – Configuring DNS Threat Protection

MODULE 7: ADVANCED DNS CONFIGURATION

 Understand Anycast
 Understand and Configure GSS-TSIG
 Configure Reverse DNS Delegation Lab – Setting Reverse Zone Format

MODULE 8: DHCP FINGERPRINTING

 Importing a DHCP Fingerprint Database

 Create DHCP Fingerprints
 Lab – Configuring DHCP Fingerprinting