STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementations audit records must be backed up at least every seven days onto a different system or system component than the system or component being audited.

DISA Rule

SV-69041r1_rule

Vulnerability Number

V-54795

Group Title

SRG-APP-000125-DNS-000012

Rule Version

SRG-APP-000125-DNS-000012

Severity

CAT II

CCI(s)

• CCI-001348 - The information system backs up audit records on an organization-defined frequency onto a different system or system component than the system or component being audited.

Weight

10

Fix Recommendation

Configure the DNS server or the underlying O/S to send audit log content to a centralized logging facility.

Check Contents

Review the DNS system configuration to determine if audit record content is sent to a centralized audit log repository, either directly by the DNS system or by the underlying O/S.

If the DNS system is not configured to support centralized logging and auditing, this is a finding.

Vulnerability Number

V-54795

Documentable

False

Rule Version

SRG-APP-000125-DNS-000012

Severity Override Guidance

Review the DNS system configuration to determine if audit record content is sent to a centralized audit log repository, either directly by the DNS system or by the underlying O/S.

If the DNS system is not configured to support centralized logging and auditing, this is a finding.

Check Content Reference

M

Target Key

2355

Comments