The DNS implementation must be configured to allocate audit record storage capacity.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33983	SRG-NET-000082-DNS-000041	SV-44436r1_rule		Medium

Description
In order to ensure the DNS implementation has a sufficient storage capacity in which to write the audit logs, the system must be configured to allocate appropriate audit record storage capacity. If audit record storage capacity is not allocated appropriately, audit logs could be overwritten, not captured at all, or there is a potential for the system to shut down due to audit log failure if incorrectly configured.

Description

In order to ensure the DNS implementation has a sufficient storage capacity in which to write the audit logs, the system must be configured to allocate appropriate audit record storage capacity. If audit record storage capacity is not allocated appropriately, audit logs could be overwritten, not captured at all, or there is a potential for the system to shut down due to audit log failure if incorrectly configured.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-41987r1_chk )
Review the DNS system configuration to determine if adequate audit log storage space and capacity is allocated for all log records generated by the DNS system. If the appropriate storage space is not allocated, this is a finding.

Fix Text (F-37898r1_fix)
Configure the DNS system specifically for the allocation of appropriate storage space for audit logs.