STIGQter: STIG Summary: BIND 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

A BIND 9.x implementation operating in a split DNS configuration must be approved by the organizations Authorizing Official.

DISA Rule

SV-207588r612253_rule

Vulnerability Number

V-207588

Group Title

SRG-APP-000516-DNS-000500

Rule Version

BIND-9X-001405

Severity

CAT I

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Obtain approval for the split DNS implementation from the Authorizing Official.

Check Contents

If the BIND 9.x name server is not configured for split DNS, this is Not Applicable.

Verify that the split DNS implementation has been approved by the organizations Authorizing Official.

With the assistance of the DNS administrator, obtain the Authorizing Official’s letter of approval for the split DNS implementation.

If the split DNS implementation has not been approved by the organizations Authorizing Official, this is a finding.

Vulnerability Number

V-207588

Documentable

False

Rule Version

BIND-9X-001405

Severity Override Guidance

If the BIND 9.x name server is not configured for split DNS, this is Not Applicable.

Verify that the split DNS implementation has been approved by the organizations Authorizing Official.

With the assistance of the DNS administrator, obtain the Authorizing Official’s letter of approval for the split DNS implementation.

If the split DNS implementation has not been approved by the organizations Authorizing Official, this is a finding.

Check Content Reference

M

Target Key

2926

Comments