STIGQter: STIG Summary: Domain Name System (DNS) Security Requirements Guide Version: 2 Release: 4 Benchmark Date: 23 Oct 2015:

The DNS server implementation must utilize cryptographic mechanisms to prevent unauthorized disclosure of non-DNS data stored on the DNS server.

DISA Rule

SV-69135r1_rule

Vulnerability Number

V-54889

Group Title

SRG-APP-000429-DNS-000062

Rule Version

SRG-APP-000429-DNS-000062

Severity

CAT II

CCI(s)

• CCI-002476 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of organization-defined information at rest on organization-defined information system components.

Weight

10

Fix Recommendation

Configure the DNS server to utilize cryptographic mechanisms to prevent unauthorized disclosure of non-DNS data while stored on the DNS server.

Check Contents

Review the DNS server implementation configuration to determine if the DNS server utilizes cryptographic mechanisms to prevent unauthorized disclosure of non-DNS data while stored on the DNS server.

If the DNS server does not utilize cryptographic mechanisms to prevent unauthorized disclosure, this is a finding.

Vulnerability Number

V-54889

Documentable

False

Rule Version

SRG-APP-000429-DNS-000062

Severity Override Guidance

Review the DNS server implementation configuration to determine if the DNS server utilizes cryptographic mechanisms to prevent unauthorized disclosure of non-DNS data while stored on the DNS server.

If the DNS server does not utilize cryptographic mechanisms to prevent unauthorized disclosure, this is a finding.

Check Content Reference

M

Target Key

2355

Comments