Can any one explain to me on how to configure two things for Windows Server 2008 R2 DNS Server.
(1) .Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use block ciphers. Apply patches if available. Note that additional configuration may be required after the installation of the MS12-006 security update in order to enable the split-record countermeasure.
Spoofed Request Amplification DDoS
For Item (2) is related to DNS Server. How to configure DNS Server to prevent spoofed attack?