STIGQter: STIG Summary: Infoblox 8.x DNS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Jan 2021: STIGQter: STIG Summary: Infoblox 8.x DNS Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Jan 2021:SV-233909r621666_rule
V-233909
SRG-APP-000214-DNS-000025
IDNS-8X-700004
CAT II
10
1. Navigate to Data Management >> DNS >> Zones tab.
2. Select the parent zone and use the DNSSEC drop-down menu to select "Import Keyset".
3. Add the child zone DS resource records (RRs) and select "Import".
4. Click "Save" and "Close".
Note: For Infoblox DNS systems on a classified network, this requirement is Not Applicable.
Infoblox systems within a Grid configuration automatically publish DS records to the parent zone when the child zone is signed.
If all name servers for parent and child zones are within an Infoblox Grid, this is not a finding.
1. Review the parent zones hosted on the Infoblox server for which the child zone is on the same Infoblox Grid.
2. Verify that each zone includes the DS records for the child zone.
If DS records are not published in the parent zone for DNSSEC signed zones, this is a finding.
V-233909
False
IDNS-8X-700004
Note: For Infoblox DNS systems on a classified network, this requirement is Not Applicable.
Infoblox systems within a Grid configuration automatically publish DS records to the parent zone when the child zone is signed.
If all name servers for parent and child zones are within an Infoblox Grid, this is not a finding.
1. Review the parent zones hosted on the Infoblox server for which the child zone is on the same Infoblox Grid.
2. Verify that each zone includes the DS records for the child zone.
If DS records are not published in the parent zone for DNSSEC signed zones, this is a finding.
M
5251