I recently repeated the DNS over TCP survey given to the REN-ISAC community with the FIRST community. FIRST membership is largely made up of incident response teams from around the globe. All types of industry sectors are represented within FIRST such as national CSIRTs, banks, governments, and software vendors. I thought it might be interesting to repeat the survey with a security community where there may be some, but relatively little overlap in membership. I expected FIRST survey respondents to express a greater desire to block or restrict DNS over TCP traffic than their REN-ISAC counterparts. The evidence failed to support that belief.