STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

A DNS server implementation must request data origin authentication verification on the name/address resolution responses the system receives from authoritative sources.

DISA Rule

SV-69119r1_rule

Vulnerability Number

V-54873

Group Title

SRG-APP-000423-DNS-000056

Rule Version

SRG-APP-000423-DNS-000056

Severity

CAT II

CCI(s)

• CCI-002465 - The information system requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources.

Weight

10

Fix Recommendation

Configure the DNS server to request data origin authentication verification on the name/address resolution responses the system receives from authoritative sources.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources. If the DNS server does not request data origin authentication verification on the responses, this is a finding.

Vulnerability Number

V-54873

Documentable

False

Rule Version

SRG-APP-000423-DNS-000056

Severity Override Guidance

Review the DNS server implementation configuration to determine if the DNS server requests data origin authentication verification on the name/address resolution responses the system receives from authoritative sources. If the DNS server does not request data origin authentication verification on the responses, this is a finding.

Check Content Reference

M

Target Key

2355

Comments