19Eki
Security Risks of Unprovisioned DNS Records
A review of controls and associated risks identified a use case for DNS deprovisioning procedures. Specifically, an A record was not cleaned up and the domain has embedded the organization's name.
Upon review, there are security concerns that this can be a security risk that a malicious actor could leverage to perform cyber threats (e.g., phishing, etc.). The organizing noted that this is not a cyber risk, and if not cleaned up should not be an issue. Are there some specific use cases that confirm cybersecurity risks if not cleaning up DNS records?
