STIGQter: STIG Summary: Infoblox 8.x DNS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Jan 2021: STIGQter: STIG Summary: Infoblox 8.x DNS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Jan 2021:SV-233867r621666_rule
V-233867
SRG-APP-000516-DNS-000090
IDNS-8X-400009
CAT I
10
1. Navigate to Data Management >> DNS >> Grid DNS properties.
2. Toggle Advanced Mode and click on the "DNSSEC" tab.
3. Follow manual key rollover procedures and update all non-compliant KSKs and ZSKs to use FIPS-approved algorithms.
Note: For Infoblox DNS systems on a classified network, this requirement is Not Applicable. For Infoblox Grids that run in FIPS mode, this requirement is Not Applicable.
1. Review FIPS requirements to ensure the proper algorithms are used.
2. Navigate to Data Management >> DNS >> Grid DNS properties.
3. Toggle Advanced Mode and click on the "DNSSEC" tab.
4. Validate that all Key Signing Keys (KSKs) and ZSKs use FIPS-approved algorithms.
5. When complete, click "Cancel" to exit the "Properties" screen.
If FIPS-approved algorithms are not used for the KSKs and ZSKs, this is a finding.
If DSA is used, this is a finding.
V-233867
False
IDNS-8X-400009
Note: For Infoblox DNS systems on a classified network, this requirement is Not Applicable. For Infoblox Grids that run in FIPS mode, this requirement is Not Applicable.
1. Review FIPS requirements to ensure the proper algorithms are used.
2. Navigate to Data Management >> DNS >> Grid DNS properties.
3. Toggle Advanced Mode and click on the "DNSSEC" tab.
4. Validate that all Key Signing Keys (KSKs) and ZSKs use FIPS-approved algorithms.
5. When complete, click "Cancel" to exit the "Properties" screen.
If FIPS-approved algorithms are not used for the KSKs and ZSKs, this is a finding.
If DSA is used, this is a finding.
M
5251