Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The network element must deny network traffic and audit internal addresses posing a threat to external information systems.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-34154 | SRG-NET-000204-DNS-NA | SV-44607r1_rule | Medium |
| Description |
|---|
| The firewall will build a state to allow return traffic for all initiated traffic that was allowed outbound. Monitoring and filtering the outbound traffic adds a layer of protection to the enclave, in addition to being a good Internet citizen by preventing the network from being used as an attack base. Boundary protection is not a function of DNS. |
| STIG | Date |
|---|---|
| Domain Name System (DNS) Security Requirements Guide | 2012-10-24 |
Details
| Check Text ( C-42114r1_chk ) |
|---|
| This is not a function of DNS. |
| Fix Text (F-38064r1_fix) |
|---|
| This requirement is NA for DNS. No fix required. |