STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementation must perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days.

DISA Rule

SV-69151r1_rule

Vulnerability Number

V-54905

Group Title

SRG-APP-000473-DNS-000072

Rule Version

SRG-APP-000473-DNS-000072

Severity

CAT II

CCI(s)

• CCI-002699 - The information system performs verification of the correct operation of organization-defined security functions: when the system is in an organization-defined transitional state; upon command by a user with appropriate privileges; and/or on an organization-defined frequency.

Weight

10

Fix Recommendation

Configure the DNS server to perform verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server performs verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days. If the DNS server does not perform this verification when needed, this is a finding.

Vulnerability Number

V-54905

Documentable

False

Rule Version

SRG-APP-000473-DNS-000072

Severity Override Guidance

Review the DNS server implementation configuration to determine if the DNS server performs verification of the correct operation of security functions: upon system start-up and/or restart; upon command by a user with privileged access; and/or every 30 days. If the DNS server does not perform this verification when needed, this is a finding.

Check Content Reference

M

Target Key

2355

Comments