STIGQter STIGQter: STIG Summary: Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

The Windows 2012 DNS Server log must be enabled.

DISA Rule

SV-215650r561297_rule

Vulnerability Number

V-215650

Group Title

SRG-APP-000089-DNS-000004

Rule Version

WDNS-AU-000005

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Select the "Errors and warnings" or "All events" option.

Click on “Apply”.

Click “OK”.

Check Contents

Log on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Verify "Errors and warnings" or "All events" is selected.

If any option other than "Errors and warnings" or "All events" is selected, this is a finding.

Vulnerability Number

V-215650

Documentable

False

Rule Version

WDNS-AU-000005

Severity Override Guidance

Log on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Verify "Errors and warnings" or "All events" is selected.

If any option other than "Errors and warnings" or "All events" is selected, this is a finding.

Check Content Reference

M

Target Key

4016

Comments