A protective DNS service is used to block access to known malicious domain names.
Topic
Protective Domain Name System Services
Applicable to
all
History
Dec 2022
A protective DNS service is used to block access to known malicious domain names.
Language from an existing control relating to the use of protective Domain Name System (DNS) services was amended to include the intended purpose of using a protective DNS service.
Jun 2022
A protective DNS service is used for networks.
In supporting network security activities, a recommendation to use a protective Domain Name System (DNS) service was introduced. A protective DNS service can be an effective way of blocking requests made by an organisation’s users, or an adversary on an organisation’s network, to known malicious domains – either as part of an initial compromise or subsequent command and control activities. DNS event logs captured by a protective DNS service can also be useful for investigating any exploitation attempt or successful compromise of a network by an adversary.