STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementation must protect the confidentiality and integrity of secret/private cryptographic keys at rest and the integrity of DNS information at rest.

DISA Rule

SV-69081r1_rule

Vulnerability Number

V-54835

Group Title

SRG-APP-000231-DNS-000033

Rule Version

SRG-APP-000231-DNS-000033

Severity

CAT II

CCI(s)

• CCI-001199 - The information system protects the confidentiality and/or integrity of organization-defined information at rest.

Weight

10

Fix Recommendation

Configure the DNS server to protect the confidentiality and integrity of secret/private cryptographic keys at rest and the integrity of DNS information at rest.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server protects the confidentiality and integrity of secret/private cryptographic keys at rest and the integrity of DNS information at rest. If the DNS server does not properly protect confidentiality and integrity, this is a finding.

Vulnerability Number

V-54835

Documentable

False

Rule Version

SRG-APP-000231-DNS-000033

Severity Override Guidance

Review the DNS server implementation configuration to determine if the DNS server protects the confidentiality and integrity of secret/private cryptographic keys at rest and the integrity of DNS information at rest. If the DNS server does not properly protect confidentiality and integrity, this is a finding.

Check Content Reference

M

Target Key

2355

Comments