UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The DNS implementation must backup audit data on an organization defined frequency onto a different system or media.


Overview

Finding ID Version Rule ID IA Controls Severity
V-34047 SRG-NET-000105-DNS-000059 SV-44500r1_rule Medium
Description
It is imperative the audit data collected from DNS elements is backed up on a defined frequency onto a different system or media to ensure the longevity of the records, retention of the data, and integrity of the data. If the audit records are not backed up to a different media source they could be inadvertently modified, deleted, or overwritten. If the data is no longer available and integrity cannot be guaranteed, future forensic analysis could be jeopardized. Backing up audit records to a different system or onto separate media than the system being audited, on an organizationally defined frequency, helps to ensure, in the event of a catastrophic system failure, the audit records will be retained.
STIG Date
Domain Name System (DNS) Security Requirements Guide 2012-10-24

Details

Check Text ( C-42014r1_chk )
Review the DNS backup configuration to determine if the DNS software backs up the audit data and records onto a different system or media than the system being audited on an organization defined frequency. If the DNS implementation does not back up the audit data to a different system or media on an organization defined frequency, this is a finding.
Fix Text (F-37962r1_fix)
Configure the DNS to back up all audit data and records to a different system or media on an organization defined frequency.