STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

In the event of an error when validating the binding of another DNS servers identity to the DNS information, the DNS server implementation must log the event and send notification to the DNS administrator.

DISA Rule

SV-69223r1_rule

Vulnerability Number

V-54977

Group Title

SRG-APP-000350-DNS-000044

Rule Version

SRG-APP-000350-DNS-000044

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.
CCI-001906 - The information system performs organization-defined actions in the event of an error when validating the binding of the information producer identity to the information.

Weight

Fix Recommendation

Configure the DNS server to log the event and send notification to the DNS administrator in the event an error occurs when validating the binding of another DNS server's identity to the DNS information.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server, when it encounters an event or an error when validating the binding of another DNS server's identity to the DNS information, is configured to log the event and send notification to the DNS administrator.

If the DNS server does not log the event and send notification to the DNS administrator in the event of such a validation error, this is a finding.

In the event of an error when validating the binding of another DNS servers identity to the DNS information, the DNS server implementation must log the event and send notification to the DNS administrator.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments