The DNSSEC risk vector determines if a company is using the DNSSEC protocol, which is a public key encryption that authenticates DNS servers, and then assesses the effectiveness of its configuration. The DNSSEC protocol protects against DNS spoofing, which involves diverting traffic to an attacker’s computer, creating an opportunity for loss of confidentiality, data theft, etc.
Navigation Options
SPM App: Findings ➔ Findings Table
- Select a company from your Companies List.
- Go to
Vendor Risk ➔ Findings
- Select a company from your Companies List.
- Go to
Client Risk ➔ Findings
Finding Details
The details include the data in Findings, Diligence details, and also the following information:
| Field | Description |
|---|---|
| Flags | This flag indicates whether this NSEC3 record can cover unsigned delegations. |
| Hash Algorithm | The cryptographic algorithm used to generate the hash. |
| Next Hash | The hashed owner name immediately following the requested record. |
| Previous Hash | The hashed owner name immediately preceding the requested record. |
| Record Hash | The hash of the requested record. |
| Record Type | The type of record returned for this domain. |
| Salt | The value appended to the domain name before the hash is calculated. |
| Types | The DNS record of the original owner. |
- October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
- April 8, 2021: Published.
Feedback
0 comments
Please sign in to leave a comment.