Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-13036 | DNS0120 | SV-13604r1_rule | Low |
Description |
---|
If an organization does not document who is responsible for the DNS function, then there is a significant potential that unauthorized individuals will obtain privileged access to name servers. During a security breach, it will be difficult to assign accountability for improper transactions if it is not known who is responsible for this function. |
STIG | Date |
---|---|
DNS Policy | 2016-09-26 |
Check Text ( C-3358r1_chk ) |
---|
If the site POC cannot produce a list of personnel authorized to administer each zone and name server, then this is a finding. |
Fix Text (F-4340r1_fix) |
---|
The IAO must create and maintain a list of authorized DNS administrators for each zone and name server under the IAOs scope of responsibility. |