Esc

Forward Resolution Domain Denylisting

D3-FRDDL (Forward Resolution Domain Denylisting)

Definition

Blocking a lookup based on the query's domain name value.

Synonyms: Forward Resolution Domain Blacklisting .

How it works

Policies are created that filter DNS queries using fully qualified domain name (FQDN) of record in the query. A DNS policy can be created for blocking DNS queries from FQDNs that have been identified as unauthorized.

Considerations

Continuous maintenance of unauthorized domain lists is needed to keep up to date as updates occur.

json

Technique Subclasses

There are 3 techniques in this category, Forward Resolution Domain Denylisting.

Name	ID	Definition	Synonyms
Forward Resolution Domain Denylisting	D3-FRDDL	Blocking a lookup based on the query's domain name value.	Forward Resolution Domain Blacklisting
- Hierarchical Domain Denylisting	D3-HDDL	Blocking the resolution of any subdomain of a specified domain name.	Hierarchical Domain Blacklisting
- Homoglyph Denylisting	D3-HDL	Blocking DNS queries that are deceptively similar to legitimate domain names.	Homoglyph Blacklisting

References

All

User Manual

The following references were used to develop the Forward Resolution Domain Denylisting knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

Use DNS Policy for Applying Filters on DNS Queries

Reference Type: User Manual Organization: Microsoft

Source: https://docs.microsoft.com/en-us/windows-server/networking/dns/deploy/apply-filters-on-dns-queries

D3FEND^™

A knowledge graph of cybersecurity countermeasures