STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The DHCP service must not be enabled on an external authoritative name server.

DISA Rule

SV-214225r612370_rule

Vulnerability Number

V-214225

Group Title

SRG-APP-000142-DNS-000014

Rule Version

IDNS-7X-001000

Severity

CAT II

CCI(s)

• CCI-000382 - The organization configures the information system to prohibit or restrict the use of organization-defined functions, ports, protocols, and/or services.

Weight

10

Fix Recommendation

Navigate to Data Management >> DHCP >> Members/Servers tab.

Select the Infoblox member using the check box and click "Stop" in the toolbar to disable the "DHCP" service.

Check Contents

Navigate to Grid >> Grid Manager >> Services tab.

Select "DHCP" and verify only internal Infoblox members have the service enabled.

If an external authoritative name server has DHCP enabled this is a finding.

Vulnerability Number

V-214225

Documentable

False

Rule Version

IDNS-7X-001000

Severity Override Guidance

Navigate to Grid >> Grid Manager >> Services tab.

Select "DHCP" and verify only internal Infoblox members have the service enabled.

If an external authoritative name server has DHCP enabled this is a finding.

Check Content Reference

M

Target Key

3995

Comments