Domain names are vulnerable to cyber threats. Cybercriminals are on the lookout for ways to capture not only your customers’ data but yours as well. Before you register a domain name, make sure you know the ins and outs of protecting your account and keeping your data protected.
Test your knowledge of some of the most commonly employed cybersecurity options available. Hopefully, you’re already pretty savvy when it comes to the ins and out of protecting a domain from hackers, but better safe than sorry!
CAA records serve what purpose?
- Control which CAs can issue certificates for a particular domain
- Allow any CA to issue a certificate for a domain
- Block all CAs from issuing a certificate for a domain
Correct answer: A
A Certificate Authority Authorisation (CAA) record is a DNS record that you, as domain owner, can enter into your DNS server to prevent unauthorised CAs (Certificate Authority) from issuing a certificate for your domain. Without CAA record restrictions, any CA can issue a certificate, increasing opportunities for your site to become compromised. CAA records are inherited by subdomains, so a CAA record set on example.com, for instance, can also be applied to any subdomains: subdomain.example.com.
DNSSEC prevents which of the following?
- DNS records from being authenticated
- Cybercriminals from intercepting your inquiries
- Users from trusting your site
Correct answer: B
DNS data can be intercepted, modified, and spoofed without being detected. DNSSEC, a set of security extensions to DNS, provides a way to authenticate DNS records, ensuring that users access your website and aren’t redirected to one that is deceptively similar.
DNSSEC validates the different directory services involved in a search: the root (the top level of the Internet directly); the TLD (for example, .COM); and the domain name (Example.com). This authentication process protects users from the risk of providing hackers their personal details.
An SSL certificate secures which of the following data?
- Banking and payment-related information
- Personal information sent via mobile device
Correct answer: C
An SSL certificate encrypts any data a user submits to your website via desktop, tablet, or mobile. This ensures that all data is secure as it travels from their browser to your web server. Credit card, bank details, and passwords are just a few types of sensitive data that need an SSL certificate. With Google increasing its efforts to ensure all browsing is secure-by-default, any site that is not HTTPS-encrypted will be marked as not secure. Therefore, every website – no matter its purpose or the data it collects – should have an SSL certificate.
A strong password prevents the need for which of the following?
- Two-step verification
- Virtual private network (VPN)
- Neither of the above
Correct answer: C
Relying on a password and user name to secure your data is reckless. Massive data breaches are reported all the time: hackers steal passwords, access accounts, steal identities. Two-step verification (TSV) provides an extra level of security to your domain name account. It protects your credit card, email address, bank account, and other personal details. Combining TSV with a good VPN service is a one-two cybersecurity punch that prevents hackers from breaking into your servers whilst allowing you to safely access your account from anywhere.
Domain name spoofing occurs when:
- A hacker registers a domain similar to yours for use in phishing scams
- A hacker registers a domain similar to yours for satirical purposes
- A competitor registers a domain similar to yours to steal your traffic
Correct answer: A
Domain name spoofing occurs when a malicious third party registers a domain name almost identical to yours but will change a single character – say, swap out a I with 1 – in the hopes of netting fast or distracted readers. Users are redirected to a phishing site or one that’s hosting malware. The last thing you want is some fraudster wreaking damage on your brand’s reputation. Be sure to register your trademark with ICANN’s Trademark Clearinghouse. You’ll be able to file a Uniform Rapid Suspension (URS) complaint with the World Intellectual Property Organisation and have the phoney site removed.
Time’s up, pencils down. How’d you do?
Hopefully, you did well but, even if you didn’t, here’s one last thing to keep in mind. If you register your domain name with a registrar who offers the above cybersecurity safeguards, you can rest confident knowing that your domain name’s security is taken seriously and is in good hands. So before registering your domain, shop around. Make sure you choose a registrar with a strong focus on cybersecurity.
EuroDNS, an ICANN accredited domain registrar, has been managing domain name registrations worldwide since 2002. They also offer web hosting, email, domain privacy, DNS, and SSL certificate services.