UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

A list of personnel authorized to administer each zone and name server is not maintained.


Overview

Finding ID Version Rule ID IA Controls Severity
V-13036 DNS0120 SV-13604r1_rule Low
Description
If an organization does not document who is responsible for the DNS function, then there is a significant potential that unauthorized individuals will obtain privileged access to name servers. During a security breach, it will be difficult to assign accountability for improper transactions if it is not known who is responsible for this function.
STIG Date
DNS Policy 2016-09-26

Details

Check Text ( C-3358r1_chk )
If the site POC cannot produce a list of personnel authorized to administer each zone and name server, then this is a finding.
Fix Text (F-4340r1_fix)
The IAO must create and maintain a list of authorized DNS administrators for each zone and name server under the IAOs scope of responsibility.