NSA: DNS over HTTPS (DoH) can help prevent “numerous” initial access, command-and-control, and exfiltration techniques used by threat actors. DoH is a protocol for performing remote Domain Name System resolution via the HTTPS protocol. The NSA cautions that the technology “is not a panacea” and can bring “a false sense of security,” it said. DoH is designed to encrypt only the DNS transaction between the client and the DNS server, not any other traffic that happens after the query is satisfied.
Source: https://thehackernews.com/2021/01/nsa-suggests-enterprises-use-designated.html

