UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DNS implementation must synchronize its internal clock on an organization defined frequency with an organization defined authoritative time source.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34038 SRG-NET-000097-DNS-000054 SV-44491r1_rule Medium
Description
Determining the correct time a particular event occurred within the DNS architecture is critical when conducting forensic analysis and investigating system events. Without the use of an approved and synchronized time source, configured on the systems, events cannot be accurately correlated and analyzed to determine what is transpiring within the DNS implementation. If an event has been triggered on the network, and the DNS is not configured with the correct time, the event may be seen as insignificant, when in reality the events are related and may have a larger impact across the network. Synchronization of system clocks is needed in order to correctly correlate the timing of events that occur across multiple DNS systems.
STIG Date
Domain Name System (DNS) Security Requirements Guide 2012-10-24

Details

Check Text ( C-42006r1_chk )
Review the DNS system configuration settings to determine if it is synchronizing time of the internal information system clock with an organization defined authoritative time source.
If the DNS system internal clock is not synchronized on an organization defined frequency with an organization defined authoritative time source, this is a finding.
Fix Text (F-37954r1_fix)
Configure the DNS implementation to synchronize the internal clock on an organization defined frequency with an organization defined authoritative time source.