The network element must uniquely identify and validate destination domains for information transfer.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33918	SRG-NET-000026-DNS-NA	SV-44371r1_rule		Medium

Description
Identifying source and destination addresses for information flows within the network allows forensic reconstruction of events when required, and increases policy compliance by attributing policy violations to specific individuals. Means to enforce this enhancement include ensuring the network element distinguishes between information systems and organizations, and between specific system components or individuals involved in sending and receiving information. Security domain information transfer is not a function of DNS.

Description

Identifying source and destination addresses for information flows within the network allows forensic reconstruction of events when required, and increases policy compliance by attributing policy violations to specific individuals. Means to enforce this enhancement include ensuring the network element distinguishes between information systems and organizations, and between specific system components or individuals involved in sending and receiving information. Security domain information transfer is not a function of DNS.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-41927r1_chk )
This is not a function of DNS.

Fix Text (F-37831r1_fix)
This requirement is NA for DNS. No fix required.