The DNS implementation must enforce access restrictions associated with changes to the information system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34061	SRG-NET-000118-DNS-000070	SV-44514r1_rule		Medium

Description
Any changes to the software components of the DNS implementation can potentially have significant effects on the overall security and functionality of the system. Therefore, only qualified and authorized individuals should be allowed to obtain access to privileged level functions. If the DNS system were to enable non-authorized users to make changes to the system, those changes could be implemented without undergoing the appropriate testing, validation, and approval, as well as lead to system degradation and denial of service.

Description

Any changes to the software components of the DNS implementation can potentially have significant effects on the overall security and functionality of the system. Therefore, only qualified and authorized individuals should be allowed to obtain access to privileged level functions. If the DNS system were to enable non-authorized users to make changes to the system, those changes could be implemented without undergoing the appropriate testing, validation, and approval, as well as lead to system degradation and denial of service.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42027r1_chk )
Review the DNS system configuration to verify logical access restrictions associated with changes to the information system are enforced. If the DNS implementation does not enforce the implementation of access controls, this is a finding.

Fix Text (F-37975r1_fix)
Configure the DNS system to enforce access restrictions associated with changes to the information system.