Title: ICANN's Technical Mission
Audience: General Public, Newcomers, Policy Makers
Duration (Remote Delivery): 1 hour
Prerequisite Courses: None
Description: This course will provide an overview of ICANN's technical mission. Beyond the policy development coordination role for the community, ICANN plays a significant role coordinating the technical aspects of the Internet's unique identifier system.
Expected Outcome
Participants should be equipped to understand and explain ICANN's technical missions and engage.
Course Outline
- ICANN Ecosystem
- Introduction to Unique Identifiers
- Numbers: IANA function & the RIR System
- Protocol Parameters: IANA function and The IETF
- Names: DNS, DNS Resolution, Root Server System
- The Registry/Registrar/Registrant model
- Security, Stability, and Resiliency: DNSSEC, Compliance, OpSec
- Policy Development Processes and Stakeholder Engagement
|
Title: DNS 101
Audience: General Public, Newcomers, Policy Makers, Network Engineers
Duration (Remote Delivery): 2 hours
Prerequisite Courses: None
Description: This course will provide participants with basic knowledge of how DNS works and how the different DNS components interact with each other.
Expected Outcome
Participants will be able to understand the concepts of the Domain Name System.
Course Outline
- Brief History of DNS
- The Name Space, Delegation, Zones
- Components for the DNS: Authoritative Servers, Resolvers (Stub & Recursives)
- Root Server System 101
- DNS Data: Zone Files, RR Types, Glue
- DNS Security Overview
|
Title: DNSSEC 101
Audience: DNS Administrators, Policy Makers with technical background, Network Engineers
Duration (Remote Delivery): 4 hours
Prerequisite Courses: DNS 101
Description: To protect DNS data, it is important for DNS operators to understand DNS Security Extensions (DNSSEC). This course will discuss the DNSSEC concepts in detail covering the signing and validation of DNS data.
Expected Outcome
Participants should be able to understand the concepts of DNSSEC and the deployment aspects.
Course Outline
- Public Key Cryptography
- DNSSEC Overview
- Signing
- Validation
- Non-existence
- Key management
- Chain of Trust
- Policy Considerations
|
Title: Advanced DNS
Audience: Technical staff who are involved in the operation of DNS and managing, administering DNS servers
Duration (Remote Delivery): 6 hours
Prerequisite Courses: DNS 101
Description: This course will discuss the DNS operations, configurations and security in detail. Participants will be involved in lab exercises to configure DNS servers and apply various security considerations.
Expected Outcome
Participants should be able to understand the DNS operations in detail.
Course Outline
- Configuring Recursive Servers
- Configuring Authoritative Servers
- Zone transfers
- ACLs
- TSIG
- Logging
- Reverse DNS
- DNSSEC Overview
|
Title: Advanced DNSSEC
Audience: Technical staff who are involved in the operation of DNS and managing, administering DNS servers
Duration (Remote Delivery): 6 hours
Prerequisite Courses: DNS 101, DNSSEC 101
Description: This course will discuss the DNSSEC concepts in detail. The course also provides an understanding of DNS-based Authentication of Named Entities (DANE) protocol. Participants will be involved in lab exercises to configure DNSSEC.
Expected Outcome
Participants should be able to prepare themselves towards the deployment of DNSSEC.
Course Outline
- Resource Records: DNSKEY, RRSIG, NSEC, DS
- Setting up validation in a Recursive Server
- Signing Zones (Authoritative Servers)
- DNSSEC operations and maintenance
- Tools: Troubleshooting and Monitoring
- Overview of DANE, TLS, and DNSSEC
|
Title: Registry Operations for ccTLDs
Audience: ccTLD managers and operational staff who are involved in the registry operations
Duration (Remote Delivery): 4 hours
Prerequisite Courses: DNS 101
Description: This course will discuss DNS registry operations, best practices, and management aspects, focusing on ccTLDs.
Expected Outcome
Participants should be able to understand the best current practices in operating ccTLD registries.
Course Outline
- Registry Ecosystem @ICANN: GNSO, ccNSO, SSAC
- ccTLD Registry Operation
- DNS and Zone file(s) Management
- Name registration (WHOIS/RDAP)
- Registrar Management
- Registry Best Practices
- Security Considerations (DNSSEC, TLD-OPS)
|
Title: OSINT: Fighting DNS Abuse (DNS Abuse for LEAs)
Audience: Law Enforcement personnel who are involved in handling abuses related to Internet Identifiers
Duration (Remote Delivery): 2 hours
Prerequisite Courses: DNS 101
Description: This course will discuss the best practices in handling DNS abuse and various tools to identify such abuses related to DNS. The course also covers how law enforcement authorities can engage with ICANN.
Expected Outcome
Participants should be able to understand the various aspects of DNS related abuses and to use publicly available tools to identify those.
Course Outline
- Internet Identifier Security
- Introduction to public registration data: WHOIS & RDAP
- Investigating DNS Abuse: Tools and Techniques
- Engaging with ICANN: PSWG, Policy development, Capacity Building
|
Title: DNS Abuse: Threats and Mitigation
Audience: Law Enforcement, CERT, and CSIRT personnel who are involved in handling abuses related to Internet Identifiers
Duration (Remote Delivery): 2 hours
Prerequisite Courses: DNS 101
Description: This course will provide a comprehensive discussion on how adversaries abuse and leverage the DNS and domain registration services to carry out different types of attacks and how such abuses can be prevented.
Expected Outcome
Provide law enforcement personnel the necessary knowledge to handle DNS abuse issues and to use public domain tools in relation to the context.
Course Outline
- DNS Threats & Abuses Overview
- Cryptography
- Security Considerations: SSH, DNSSEC, SPF, DMARC, DKIM, etc.
- Investigating DNS Threats & Abuses: Tools and Techniques
- Incident Response
|
Title: Introduction to RDAP for Domain Names Registrations
Audience: DNS Admins, Network Engineers, Policy Makers with technical background, General Public
Duration (Remote Delivery): 2 hours
Prerequisite Courses: None
Description: This course will provide participants an overview of the new protocol intended to replace WHOIS protocol used for domain name registration data.
Expected Outcome
Participants should be able to understand RDAP, its advantages, and the changes it introduces to registration data.
Course Outline
- Introduction to Whois
- Introduction to RDAP Protocol
- RDAP Output Format
- RDAP Queries and responses
- gTLDs and RDAP: Existing support and EDPD
- RDAP Tooling
|
Title: DNS Ecosystem Security
Audience: Engineers, DNS administrators, Policy personnel with technical background
Duration (Remote Delivery): 2 hours
Prerequisite Courses: DNS 101
Description: This course will cover the best practices in securing the overall ecosystem of DNS, from the threats to mitigation perspective.
Expected Outcome
Participants should be able to understand the best practices in securing the DNS.
Course Outline
- Introduction: An Example Attack
- Refresher: Inter-domain Routing 101
- Refresher: DNS Resolution 101
- Common Attacks: Cache Poisoning, Fast Flux, Homographic Attacks, Emojis, IoT, etc.
- Mitigation with DNSSEC
- Mitigation with RPKI
- Mitigation with Request Data Encryption DNS (Stub-->Resolver)
- Mitigation with DMARC, SPF, or DKIM
- Collaborating with ICANN
|
Title: DNS for Internet Service Providers
Audience: Technical staff of ISPs and Network Operators
Duration (Remote Delivery): 4 hours
Prerequisite Courses: DNS 101, DNSSEC 101
Description: This course will discuss the important elements of DNS typically handled by the ISPs and Network Operators, such as operating secured recursive resolvers and the deployment of best current practices.
Expected Outcome
Participants should be able to understand the secure operation of recursive servers.
Course Outline
- Open vs. Closed Resolvers
- DNSSEC Validation
- DoH and DoT
- Hyperlocal
- Monitoring & Troubleshooting
- RPKI (Routing security) and DNS Operations
- Reverse DNS
|
Title: Network Operation Security
Audience: Technical staff who manage and administer networks
Duration (Remote Delivery): 2 hours
Prerequisite Courses: DNS 101
Description: This course will cover security best practices and provide skills to monitor and increase overall security of network infrastructure.
Expected Outcome
Participants should be able to understand and enhance security in their networks.
Course Outline
- Internet Identifiers and Security Best Practices
- Cryptography
- SSH, PGP, DNSSEC, RPKI
- Monitoring and Tools
- Incident Response
|
Title: UA: Email Address Internationalization (EAI)
Audience: Mail Server Administrators, System Administrators, Network Engineers
Duration (Remote Delivery): 2 hours
Prerequisite Courses: None
Description: This course will discuss the Email Address internationalization (EAI) concepts and mail server compliance.
Expected Outcome
Participants should be able to understand EAI and how to configure mail servers to be EAI compliant.
Course Outline
- Introduction to Unicode, IDNs, and EAI
- EAI Changes
- Delivery Path Considerations
- Postfix and Courier Configurations
|
Title: UA: Universal Acceptance for Java Developers
Audience: Application Developers, System Engineers, IT Managers, Software Providers
Duration (Remote Delivery): 2 hours
Prerequisite Courses: None
Description: This course will provide participants general and technical knowledge on Universal Acceptance issues and functions to be UA ready.
Expected Outcome
Participants should be able to understand the Universal Acceptance of domain names and email addresses from developers perspective.
Course Outline
- Introduction to Unicode, IDNs, and EAI
- Validating UA Identifiers
- Using UA Identifiers: Email and DNS Resolution
- Best Practices
|