STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementation must follow procedures to re-role a secondary name server as the master name server should the master name server permanently lose functionality.

DISA Rule

SV-69149r1_rule

Vulnerability Number

V-54903

Group Title

SRG-APP-000451-DNS-000069

Rule Version

SRG-APP-000451-DNS-000069

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.
• CCI-002775 - The information system implements organization-defined fail-safe procedures when organization-defined failure conditions occur.

Weight

10

Fix Recommendation

Develop internal procedures to ensure a secondary name server to the master in the event the master DNS name server permanently loses functionality.

Check Contents

Review the DNS server implementation operating documentation to determine if procedures exist to promote a secondary name server to the master in the event the master DNS name server permanently loses functionality.

If procedures do not exist to promote a secondary name server to the master in the event the master DNS name server permanently loses functionality, this is a finding.

Vulnerability Number

V-54903

Documentable

False

Rule Version

SRG-APP-000451-DNS-000069

Severity Override Guidance

Review the DNS server implementation operating documentation to determine if procedures exist to promote a secondary name server to the master in the event the master DNS name server permanently loses functionality.

If procedures do not exist to promote a secondary name server to the master in the event the master DNS name server permanently loses functionality, this is a finding.

Check Content Reference

M

Target Key

2355

Comments