UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DNS implementation must notify the user of the number of successful login attempts to the system occurring during an organization defined time period.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33939 SRG-NET-000050-DNS-000027 SV-44392r1_rule Medium
Description
As most "users" of a DNS platform are administrators, they need to be very vigilant in maintaining situational awareness of activity that occurs regarding their accounts. Providing them with information regarding the number of successful login attempts during a specified period of time allows them to determine if any unauthorized activity has occurred, provides them an opportunity to notify appropriate security personnel if necessary, and ensure other systems have not been affected.
STIG Date
Domain Name System (DNS) Security Requirements Guide 2012-10-24

Details

Check Text ( C-41948r1_chk )
Review the DNS system configuration to determine if the number of successful logon attempts is displayed to the user upon successful login. Request the system administrator perform a login to the system with invalid credentials followed by a successful login for verification of the configuration. If the number of successful attempts, during a specified time period, is not displayed, this is a finding.
Fix Text (F-37852r1_fix)
Configure the DNS system to display, to the user, the number of successful login attempts during the specified period of time, since the last successful login.