STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The DNS server implementation must log the event and notify the system administrator when anomalies in the operation of the signed zone transfers are discovered.

DISA Rule

SV-214200r612370_rule

Vulnerability Number

V-214200

Group Title

SRG-APP-000474-DNS-000073

Rule Version

IDNS-7X-000660

Severity

CAT II

CCI(s)

CCI-002702 - The information system shuts the information system down, restarts the information system, and/or initiates organization-defined alternative action(s) when anomalies in the operation of the organization-defined security functions are discovered.

Weight

Fix Recommendation

Navigate to "Grid" tab and edit "Grid Properties".

Toggle Advanced mode, and review "Monitoring", "SNMP", "SNMP Threshold", "Email" and "Notifications" tab.
Configure remote SYSLOG, Email, or SNMP notifications.
When complete, click "Save & Close" to save the changes and exit the "Properties" screen.

Perform a service restart if necessary.

Check Contents

Infoblox systems are capable of providing notifications via remote SYSLOG, SNMP, and SMTP.

Navigate to the "Grid" tab and select "Grid Properties".
Toggle Advanced mode, and review "Monitoring", "SNMP", "SNMP Threshold", "Email", and "Notifications" tabs.
When complete, click "Cancel" to exit the "Properties" screen.

If no external notifications are enabled, this is a finding.

The DNS server implementation must log the event and notify the system administrator when anomalies in the operation of the signed zone transfers are discovered.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments