STIGQter STIGQter: STIG Summary: Infrastructure Router Security Technical Implementation Guide Juniper Version: 8 Release: 29 Benchmark Date: 25 Jan 2019: The network element must have DNS servers defined if it is configured as a client resolver.

DISA Rule

SV-15331r2_rule

Vulnerability Number

V-3020

Group Title

DNS servers must be defined for client resolver.

Rule Version

NET0820

Severity

CAT III

CCI(s)

Weight

10

Fix Recommendation

Configure the device to include DNS servers or disable domain lookup.

Check Contents

Review the active configuration to ensure that DNS servers have been defined similar to the following example:

[edit system]
name server {
192.168.1.253;
192.168.1.254;
}

Note: Since JUNOS will not send a DNS query to resolve names to IP addresses if a name server is not defined, this will never be a finding.

Vulnerability Number

V-3020

Documentable

False

Rule Version

NET0820

Severity Override Guidance

Review the active configuration to ensure that DNS servers have been defined similar to the following example:

[edit system]
name server {
192.168.1.253;
192.168.1.254;
}

Note: Since JUNOS will not send a DNS query to resolve names to IP addresses if a name server is not defined, this will never be a finding.

Check Content Reference

M

Responsibility

Information Assurance Officer

Target Key

510

Comments