Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The DNS implementation must synchronize its internal clock on an organization defined frequency with an organization defined authoritative time source.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34038 | SRG-NET-000097-DNS-000054 | SV-44491r1_rule | Medium |
| Description |
|---|
| Determining the correct time a particular event occurred within the DNS architecture is critical when conducting forensic analysis and investigating system events. Without the use of an approved and synchronized time source, configured on the systems, events cannot be accurately correlated and analyzed to determine what is transpiring within the DNS implementation. If an event has been triggered on the network, and the DNS is not configured with the correct time, the event may be seen as insignificant, when in reality the events are related and may have a larger impact across the network. Synchronization of system clocks is needed in order to correctly correlate the timing of events that occur across multiple DNS systems. |
| STIG | Date |
|---|---|
| Domain Name System (DNS) Security Requirements Guide | 2012-10-24 |
Details
| Check Text ( C-42006r1_chk ) |
|---|
| Review the DNS system configuration settings to determine if it is synchronizing time of the internal information system clock with an organization defined authoritative time source. If the DNS system internal clock is not synchronized on an organization defined frequency with an organization defined authoritative time source, this is a finding. |
| Fix Text (F-37954r1_fix) |
|---|
| Configure the DNS implementation to synchronize the internal clock on an organization defined frequency with an organization defined authoritative time source. |