STIGQter: STIG Summary: Infoblox 7.x DNS Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021

The Key Signing Key (KSK) rollover interval must be configured to no less than one year.

DISA Rule

SV-214170r612370_rule

Vulnerability Number

V-214170

Group Title

SRG-APP-000214-DNS-000079

Rule Version

IDNS-7X-000230

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Navigate to Data Management >> DNS >> Grid DNS Properties.
Toggle Advanced Mode and select the "DNSSEC" tab.

Modify the “Key-Signing Key Rollover Interval” to a period of no less than one year.

When complete, click "Save & Close" to save the changes and exit the "Properties" screen.

Perform a service restart if necessary.

Follow manual key rollover procedures and ensure changes are published to all applicable systems, including parent DNS systems.

Check Contents

Note: For Infoblox DNS systems on a Classified network, this requirement is Not Applicable.

Navigate to Data Management >> DNS >> Grid DNS Properties.

Toggle "Advanced Mode" and click on the "DNSSEC" tab.

Validate the “Key-Signing Key Rollover Interval” is configured to a value of no less than one year.

If the “Key-Signing Key Rollover Interval” is configured to more than one year, this is a finding.

Documentable

False

Severity Override Guidance

Note: For Infoblox DNS systems on a Classified network, this requirement is Not Applicable.

Navigate to Data Management >> DNS >> Grid DNS Properties.

Toggle "Advanced Mode" and click on the "DNSSEC" tab.

Validate the “Key-Signing Key Rollover Interval” is configured to a value of no less than one year.

If the “Key-Signing Key Rollover Interval” is configured to more than one year, this is a finding.

Check Content Reference

M

Target Key

3995

Comments