Your browser has JavaScript turned off.
You must turn it on to proceed.










NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8904

Number 9-8-8904
Priority Critical
Description Utilize DNSSEC:
ISPs should use Domain Name System (DNS) Security Extensions (DNSSEC) to protect the DNS. ISPs should consider, at a minimum, the following:
• sign and regularly test the validity of their own DNS zones,
• routinely validate the DNSSEC signatures of other zones;
• employ automated methods to routinely test DNSSEC-signed zones for DNSSEC signature validity.
Network Type(s) Internet/Data
Industry Role(s) Service Provider
Keyword(s) Cyber Security;Encryption;Intrusion Detection;
Reference/Comments More information can be found at:
http://dnssec.net
https://www.dnssec-deployment.org

Note that the Best Practices in this grouping are primarily aimed at ISPs that provide service to consumer end-users on residential broadband networks, but may be applicable to other users and networks as well.