Securing the Bank's Internet - DNS Governance
-
Date : 23 August 2017
-
Time : 11:00 AM to 07:14 PM IST
-
Topic : Securing a Bank's Internet - DNS Governance
-
Collaborators : PayPal
Presentation Materials
Additional Links
Panelist
Mr. Mehta
Head of Information security, PayPal
Mr. Mehta is the Head of Information security for PayPal's Asia-Pacific region. A seasoned professional and technical leader with 18 years of experience, he has been instrumental in building secure technology solutions for multiple companies across a spectrum of sectors including financial services, healthcare, telecommunication, and government.
He has lead projects across organisations through roles in Security Architecture, Strategic Consulting and Risk Assessments.
Mehta serves on the ISACA Singapore board and has been a speaker at multiple regional conferences like RSA-APAC, CloudSec, CSX, CACS, etc. He has a Master’s in Computer Science and carries major certifications like CISSP, CISM, CRISC, ISO 27001:LA, SANS GIAC GAWN to name a few.
Vivek Srivastav
Research and Innovation vertical, ReBIT
Vivek Srivastav leads the Research and Innovation vertical at ReBIT. In this Industry facing role he is responsible for delivering ReBIT's threat intelligence strategy to strengthen cybersecurity posture for the financial sector, introducing new technologies for furthering the mandate of RBI of creating a safe economic environment of growth, financial inclusion. He is working with industry stakeholders and academic institutions to bring best practices and create execution focused impact on the overall cyber resiliency of the sector.
FAQ
What is DNS Zone?
A DNS zone refers to a certain portion or administrative space within the global Domain Name System (DNS). Each DNS zone represents a boundary of authority subject to management by certain entities. The total of all DNS zones, which are organized in a hierarchical tree-like order of cascading lower-level domains, form the DNS namespace. The authority over each DNS zone is delegated to a legal entity or organization (i.e. a country-code top-level domain registry) or a company/individual registered to use a certain sub-domain within the system. Depending on the administrative rights delegated to a certain entity, DNS zones may consist of only one domain, or of many domains and sub-domains. Further authority over a sub-space could be delegated to other parties, if necessary.
Should a company host its own primary DNS server or outsource it?
These are some of the questions that were asked during the webinars. We are in the process of collating the questions. We will publish them soon.
How does DNS tunneling work? Does this attack vector pose a real threat?
These are some of the questions that were asked during the webinars. We are in the process of collating the questions. We will publish them soon.
Which type of DNS recrods like A, MX, CNAME etc. are more vulnerable?
These are some of the questions that were asked during the webinars. We are in the process of collating the questions. We will publish them soon.
Can we use mechanism such as ssl pinning to prevent DNS Spoofing?
These are some of the questions that were asked during the webinars. We are in the process of collating the questions. We will publish them soon.
What is a good way or a tool to help quickly check how DNS is setup for a company and if it meets industry best practices.
These are some of the questions that were asked during the webinars. We are in the process of collating the questions. We will publish them soon.