STIGQter STIGQter: STIG Summary: Microsoft Windows 2012 Server Domain Name System Security Technical Implementation Guide Version: 1 Release: 13 Benchmark Date: 24 Jan 2020: The Windows 2012 DNS Server log must be enabled.

DISA Rule

SV-72979r3_rule

Vulnerability Number

V-58549

Group Title

SRG-APP-000089-DNS-000004

Rule Version

WDNS-AU-000005

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Log on to the DNS server using the Domain Admin or Enterprise Admin account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Select the "Errors and warnings" or "All events" option.

Click on “Apply”.

Click “OK”.

Check Contents

Log on to the DNS server using the Domain Admin or Enterprise Admin account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Verify "Errors and warnings" or "All events" is selected.

If any option other than "Errors and warnings" or "All events" is selected, this is a finding.

Vulnerability Number

V-58549

Documentable

False

Rule Version

WDNS-AU-000005

Severity Override Guidance

Log on to the DNS server using the Domain Admin or Enterprise Admin account.

Press Windows Key + R, execute dnsmgmt.msc.

Right-click the DNS server, select “Properties”.

Click on the “Event Logging” tab. By default, all events are logged.

Verify "Errors and warnings" or "All events" is selected.

If any option other than "Errors and warnings" or "All events" is selected, this is a finding.

Check Content Reference

M

Target Key

2771

Comments