The network element must employ automated mechanisms to detect the presence of unauthorized software on organizational information systems and notify designated organizational officials in accordance with the organization defined frequency.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34132	SRG-NET-000181-DNS-NA	SV-44585r1_rule		Medium

Description
Malicious software, such as Trojan horses, hacker tools, DDoS (Distributed Denial of Service) agents, and spyware, can establish a base on individual desktops and servers. Many of these are not detected by anti-virus software or even host intrusion detection systems. Once they have residency within the network, unauthorized users are able to breach firewalls and access sensitive data by assuming the identity of authorized users. The goal of running vulnerability assessment scans is to identify devices on your network that are open to known vulnerabilities. Detection of unauthorized software is not a function of DNS.

Description

Malicious software, such as Trojan horses, hacker tools, DDoS (Distributed Denial of Service) agents, and spyware, can establish a base on individual desktops and servers. Many of these are not detected by anti-virus software or even host intrusion detection systems. Once they have residency within the network, unauthorized users are able to breach firewalls and access sensitive data by assuming the identity of authorized users. The goal of running vulnerability assessment scans is to identify devices on your network that are open to known vulnerabilities. Detection of unauthorized software is not a function of DNS.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42092r1_chk )
This is not a function of DNS.

Fix Text (F-38042r1_fix)
This requirement is NA for DNS. No fix required.