STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementation must authenticate another DNS server before establishing a remote and/or network connection using bidirectional authentication that is cryptographically based.

DISA Rule

SV-69109r1_rule

Vulnerability Number

V-54863

Group Title

SRG-APP-000395-DNS-000050

Rule Version

SRG-APP-000395-DNS-000050

Severity

CAT II

CCI(s)

• CCI-001967 - The information system authenticates organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.

Weight

10

Fix Recommendation

Configure the DNS server to authenticate another DNS server before establishing a remote and/or network connection using bidirectional authentication that is cryptographically based.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server authenticates another DNS server before establishing a remote and/or network connection using bidirectional authentication that is cryptographically based. If the DNS server does not authenticate another DNS server before establishing a connection, this is a finding.

Vulnerability Number

V-54863

Documentable

False

Rule Version

SRG-APP-000395-DNS-000050

Severity Override Guidance

Review the DNS server implementation configuration to determine if the DNS server authenticates another DNS server before establishing a remote and/or network connection using bidirectional authentication that is cryptographically based. If the DNS server does not authenticate another DNS server before establishing a connection, this is a finding.

Check Content Reference

M

Target Key

2355

Comments