An ISP is receiving reports from a portion of its customers who state that typosquatting is occurring when they type in a portion of the URL for the ISP’s website. The reports state that customers are being directed to an advertisement website that is asking for personal information. The security team has verified the DNS system is returning proper results and has no known IOCs. Which of the following should the security team implement to best mitigate this situation?
To mitigate customers being redirected to an advertisement website due to typosquatting, the security team should implement DNS filtering. DNS filtering blocks access to unwanted or malicious websites by filtering DNS requests based on known malicious domains or typosquatting domains. This ensures that even if users mistype the URL, they are not directed to harmful sites, effectively protecting their personal information.
DNS filtering can be used to prevent users from accessing malicious or unintended websites by blocking certain domains at the DNS level. In the case of typosquatting, where users are being directed to an advertisement website asking for personal information, DNS filtering can help by blocking access to these known malicious domains. This would ensure that even if users mistype a URL, they will not be directed to a harmful site.
B. DNS filtering In this situation, where customers are being redirected to an advertisement website when typing in the URL for the ISP's website, implementing DNS filtering would be the most effective way to mitigate the issue. DNS filtering can be used to block access to malicious or unwanted websites by filtering DNS requests based on predefined criteria, such as known malicious domains or typosquatting domains. By implementing DNS filtering, the ISP could prevent customers from being redirected to unauthorized websites and protect their personal information.
B protects it's internal customers
DNS filtering. This measure will prevent users from accidentally navigating to malicious typo-squatting sites by either blocking those sites directly or redirecting users to the correct or a safe site. This proactive approach addresses the issue at the DNS level, where the problem of incorrect URL resolution occurs, making it the most effective solution in this scenario.
The best option to mitigate this situation would be A. DNSSEC (Domain Name System Security Extensions). DNSSEC provides authentication and integrity to the DNS system, helping to protect against certain types of attacks such as DNS spoofing. It can help ensure that the website’s DNS entries are valid and haven’t been tampered with, which can prevent users from being redirected to malicious sites due to typosquatting.