anav
Forum Guru
Topic Author
Posts: 19322
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Recommended DNS Approach.

Tue Jan 15, 2019 9:01 pm

I was reading a link from a MUM that contained the following advice.........
THIS PART WAS LABELLED WRONG!
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=Internet
/ip firewall filter
add action=fasttrack-connection chain=forward connection-state=established,related
(Public IP on the Internet interface)

Analysis of the problem
Problem:
– High CPU load, high amount of unknown traffic on the public interface
Reason:
– Your router is used as an open DNS resolver. It answers recursive queries for hosts outside of its domain and is utilized in DNS amplification attacks

CORRECT IMPLEMENTATION:
/ip firewall filter
add action=reject chain=input dst-port=53 protocol=udp reject-with=icmp-port-unreachable
add action=reject chain=input dst-port=53 protocol=tcp reject-with=icmp-port-unreachable

Well that was very concerning to me as here is my DNS setup and perhaps a few others.........
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4,208.67.220.220,208.67.222.222

/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="Allow ADMIN to Router" in-interface-list=LAN src-address-list=adminaccess
add action=accept chain=input comment="Allow LAN DNS queries - UDP" dst-port=53 in-interface-list=LAN protocol=udp
add action=accept chain=input comment="Allow LAN DNS queries - TCP" dst-port=53 in-interface-list=LAN protocol=tcp
add action=drop chain=input comment="DROP ALL ELSE"

Would it be prudent or overkill to add the following in the forward chain (drop, or reject?)...............
/ip firewall filter
add action=drop chain=forward dst-port=53 in-interface-list=wan protocol=udp
add action=drop chain=forward dst-port=53 in-interface-list=wan protocol=tcp

Or, since it's implied that my input chain allows LAN to router for DNS and drops everything else, are the firewall rules as they stand okay??
 
mkx
Forum Guru
Posts: 11587
Joined: Thu Mar 03, 2016 10:23 pm

Re: Recommended DNS Approach.

Tue Jan 15, 2019 9:42 pm

The problem illustrated by the MUM presentation example is lack of a firewall. If you have firewall rules in place that prevent use of the DNS service on your router by internet clients, then you're fine.
The example of correct implementation (as quoted in your post) has a problem as well ... it shuts off all remote DNS access, including LAN hosts, so it could as well be turned off with allow-remote-requests=no.
 
anav
Forum Guru
Topic Author
Posts: 19322
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Recommended DNS Approach.

Tue Jan 15, 2019 9:52 pm

Well, for internal clients all the DHCP servers and gateways are set such that they should all be pointed to their respective gateway, which then points to my set of IP DNS servers.
If those can still be manually bypassed by someone setting up a proxy of some sort or perhaps their own DNS servers directly on their computer (most are not savvy enough to do either),
then would that be circumvented by using DNS redirect in NAT rules?

add action=redirect chain=dstnat comment="Force Users to Router for DNS - TCP" disabled=yes dst-port=53 protocol=tcp src-address-list=!VLAN_Interfaces
add action=redirect chain=dstnat comment="Force Users to Router for DNS - UDP" disabled=yes dst-port=53 protocol=udp src-address-list=!VLAN_Interfaces

The problem is that I don't really know what redirect means?? Input goes to the router; forward means pretty much everything else: WAN to LAN, LAN to WAN, LAN to LAN.
 
Pea
Member Candidate
Posts: 233
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Recommended DNS Approach.

Wed Jan 16, 2019 12:42 am

redirect - replaces destination port of an IP packet to one specified by to-ports parameter and destination address to one of the router's local addresses
 
anav
Forum Guru
Topic Author
Posts: 19322
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Recommended DNS Approach.

Wed Jan 16, 2019 5:29 pm

redirect - replaces destination port of an IP packet to one specified by to-ports parameter and destination address to one of the router's local addresses
I guess since I have destination port assigned but no to-ports, the router, as per other NAT rules, assumes the to-ports is the same.
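To make the rule sets discussed in this thread concrete, here is an added example (written for this page; it is not code from the thread, from the MUM slides or from MikroTik) that models how RouterOS walks dstnat and then the input or forward chain for a single DNS packet. The addresses, interface names and the contents of the VLAN_Interfaces address list are constructed assumptions. Run against the quoted configurations it shows four things at once: the MUM "wrong" config answers an internet host (an open resolver), the MUM "correct" reject rules shut out LAN hosts exactly as allow-remote-requests=no would (mkx's point), anav's input-chain rules answer LAN and drop WAN with no forward-chain rule needed (a query addressed to the router never traverses forward), and a redirect rule with no to-ports leaves the port at 53 and steers a bypassing LAN client's query to the router, where the same input rules apply.

```python
# Added example, not from the thread or MikroTik: a toy model of RouterOS packet flow
# (dstnat -> input for router-addressed traffic, dstnat -> forward for transit traffic).
from dataclasses import dataclass, replace
from typing import Optional

# Constructed values: RFC 5737 documentation addresses stand in for real ones.
ROUTER_LAN_IP = "192.168.88.1"
ROUTER_WAN_IP = "203.0.113.10"
INTERFACE_LISTS = {"LAN": {"bridge"}, "WAN": {"ether1"}}
# Hypothetical content of anav's VLAN_Interfaces list: the router's own gateway addresses.
ADDRESS_LISTS = {"VLAN_Interfaces": {ROUTER_LAN_IP, "192.168.10.1"}}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    in_iface: str


@dataclass(frozen=True)
class Rule:
    chain: str
    action: str
    proto: Optional[str] = None
    dport: Optional[int] = None
    in_list: Optional[str] = None    # in-interface-list
    src_list: Optional[str] = None   # src-address-list; a leading "!" negates, as in RouterOS
    to_ports: Optional[int] = None   # redirect target port; None means the port is left alone

    def matches(self, pkt: Packet) -> bool:
        if self.proto and pkt.proto != self.proto:
            return False
        if self.dport and pkt.dport != self.dport:
            return False
        if self.in_list and pkt.in_iface not in INTERFACE_LISTS[self.in_list]:
            return False
        if self.src_list:
            negate = self.src_list.startswith("!")
            members = ADDRESS_LISTS[self.src_list.lstrip("!")]
            if (pkt.src in members) == negate:
                return False
        return True


def run_chain(rules, chain: str, pkt: Packet) -> str:
    """The first matching rule in a chain decides; with no match RouterOS accepts."""
    for r in rules:
        if r.chain == chain and r.matches(pkt):
            return r.action
    return "accept"


def dst_nat(nat_rules, pkt: Packet) -> Packet:
    """redirect: dst becomes a router-local address, port becomes to-ports or stays if unset."""
    for r in nat_rules:
        if r.chain == "dstnat" and r.action == "redirect" and r.matches(pkt):
            return replace(pkt, dst=ROUTER_LAN_IP, dport=r.to_ports or pkt.dport)
    return pkt


def resolver_answers(pkt: Packet, filter_rules, nat_rules=(), allow_remote=True) -> bool:
    """True when the packet would be handed to the router's own DNS service."""
    pkt = dst_nat(nat_rules, pkt)             # dstnat runs before the routing decision
    if pkt.dst in (ROUTER_LAN_IP, ROUTER_WAN_IP):
        # Addressed to the router itself: only the input chain is consulted.
        return run_chain(filter_rules, "input", pkt) == "accept" and allow_remote
    run_chain(filter_rules, "forward", pkt)   # transit traffic; the router's DNS never sees it
    return False


# The rule sets quoted in the thread
MUM_WRONG = []   # masquerade and fasttrack live in srcnat/forward; the input chain is empty
MUM_FIX = [Rule("input", "reject", proto="udp", dport=53),
           Rule("input", "reject", proto="tcp", dport=53)]
ANAV = [Rule("input", "accept", proto="udp", dport=53, in_list="LAN"),
        Rule("input", "accept", proto="tcp", dport=53, in_list="LAN"),
        Rule("input", "drop")]
REDIRECT = [Rule("dstnat", "redirect", proto="udp", dport=53, src_list="!VLAN_Interfaces"),
            Rule("dstnat", "redirect", proto="tcp", dport=53, src_list="!VLAN_Interfaces")]


def wan_query_answered(filter_rules, allow_remote=True) -> bool:
    q = Packet("198.51.100.7", ROUTER_WAN_IP, "udp", 53, "ether1")   # constructed internet host
    return resolver_answers(q, filter_rules, allow_remote=allow_remote)


def lan_query_answered(filter_rules, allow_remote=True) -> bool:
    q = Packet("192.168.88.50", ROUTER_LAN_IP, "udp", 53, "bridge")  # constructed LAN client
    return resolver_answers(q, filter_rules, allow_remote=allow_remote)


def bypass_query_answered(nat_rules, filter_rules, src: str) -> bool:
    """A LAN host that set 8.8.8.8 by hand: does redirect pull the query back to the router?"""
    return resolver_answers(Packet(src, "8.8.8.8", "udp", 53, "bridge"), filter_rules, nat_rules)


if __name__ == "__main__":
    print("MUM 'wrong' config answers WAN:", wan_query_answered(MUM_WRONG))
    print("MUM 'fix' answers LAN:", lan_query_answered(MUM_FIX))
    print("anav's rules answer WAN / LAN:", wan_query_answered(ANAV), lan_query_answered(ANAV))
    print("redirect catches an 8.8.8.8 bypass:", bypass_query_answered(REDIRECT, ANAV, "192.168.88.50"))
```

The model deliberately ignores connection tracking and the output chain; it only decides which chain a DNS query is evaluated in, which is the whole question in the thread. Note that the redirect rule rewrites the destination to a router-local address, so after it the packet is "input" traffic and anav's LAN accept rules apply to it, while a source that is in VLAN_Interfaces is left alone and forwarded upstream untouched.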
