UCF STIG Viewer Logo

A zone or name server does not have a backup administrator.


Finding ID Version Rule ID IA Controls Severity
V-13314 DNS0125 SV-13886r1_rule Medium
If there is no backup DNS administrator, then there is nobody to assist during a security emergency when the primary administrator is unavailable. In some cases, a backup administrator can also detect problems introduced by the first administrator before these problems are allowed to propagate. Personnel redundancy is as important as technology redundancy for the DNS availability.
DNS Policy 2018-04-05


Check Text ( C-9850r1_chk )
If the site POC cannot produce a list of backup personnel authorized to administer each zone and name server, then this is a finding. If any zone or name server has only one DNS database administrator or only one DNS software administrator, then this is a finding. If there is not a backup administrator for both roles, then this is a finding.
Fix Text (F-12566r1_fix)
Working with appropriate resource managers, the IAO should identify a backup DNS administrator for each zone and name server under the IAOs scope of responsibility.