UCF STIG Viewer Logo

The application must provide additional data origin and integrity artifacts along with the authoritative data the system returns in response to name/address resolution queries.


Overview

Finding ID Version Rule ID IA Controls Severity
V-35617 SRG-APP-000213-AS-NA SV-46904r1_rule Medium
Description
This control enables remote clients to obtain origin authentication and integrity verification assurances for the host/service name to network address resolution information obtained through the service. A Domain Name System (DNS) server is an example of an information system providing name/address resolution service. Digital signatures and cryptographic keys are examples of additional artifacts. DNS resource records are examples of authoritative data. Information systems using technologies other than the DNS to map between host/service names and network addresses provide other means to assure the authenticity and integrity of response data. The DNS security controls are consistent with, and referenced from, OMB Memorandum 08-23. The AS does not perform DNS functions.
STIG Date
Application Server Security Requirements Guide 2013-01-08

Details

Check Text ( C-43960r1_chk )
The requirement is NA for the AS SRG.
Fix Text (F-40158r1_fix)
The requirement is NA. No fix is required.