STIGQter: STIG Summary: Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The Windows 2012 DNS Server must, when a component failure is detected, activate a notification to the system administrator.

DISA Rule

SV-215642r561297_rule

Vulnerability Number

V-215642

Group Title

SRG-APP-000268-DNS-000039

Rule Version

WDNS-SI-000005

Severity

CAT II

CCI(s)

CCI-001328 - The organization, if an information system component failure is detected, activates an organization-defined alarm and/or automatically shuts down the information system.
CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Implement a third-party monitoring system to detect and notify the system administrator upon component failure or, at a minimum, document and implement a procedure to review the diagnostic logs on a routine basis every day.

Check Contents

Notification to system administrator is not configurable in Windows DNS Server. In order for system administrators to be notified when a component fails, the system administrator would need to implement a third-party monitoring system. At a minimum, the system administrator should have a documented procedure in place to review the diagnostic logs on a routine basis every day.

If a third-party monitoring system is not in place to detect and notify the system administrator upon component failures and the system administrator does not have a documented procedure in place to review the diagnostic logs on a routine basis every day, this is a finding.

The Windows 2012 DNS Server must, when a component failure is detected, activate a notification to the system administrator.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments