The DNS implementation must limit the use of resources by priority.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34143	SRG-NET-000194-DNS-000120	SV-44596r1_rule		Medium

Description
Priority protection helps prevent a lower-priority process from delaying or interfering with the information system servicing any higher-priority process. This control does not apply to components in the information system for which there is only a single user/role. The application must limit the use of resources by priority. Distributed environments, such as DNS, require an infrastructure that allows the servers and clients to locate one another in the environment. Without a prioritization of resources, the DNS could become the victim of a denial of service which may impact all users on the network.

Description

Priority protection helps prevent a lower-priority process from delaying or interfering with the information system servicing any higher-priority process. This control does not apply to components in the information system for which there is only a single user/role. The application must limit the use of resources by priority. Distributed environments, such as DNS, require an infrastructure that allows the servers and clients to locate one another in the environment. Without a prioritization of resources, the DNS could become the victim of a denial of service which may impact all users on the network.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42103r1_chk )
Review the DNS implementation documentation and system configuration to determine if resource prioritization is employed. If the system is not configured to prioritize resources, this is a finding.

Fix Text (F-38053r1_fix)
Configure the DNS system to employ resource prioritization.