The DNS implementation must establish a trusted communications path between the user and organization defined security functions within the information system.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-34164	SRG-NET-000214-DNS-000128	SV-44617r1_rule		Medium

Description
The DNS user interface must provide an unspoofable and faithful communication channel between the user and any entity trusted to manipulate authorities on the user's behalf. To safeguard critical information that could be used by a malicious user to compromise the device or the entire network infrastructure, a trusted path is required for high-confidence connections between the security functions (i.e., login) of the network element and the user.

Description

The DNS user interface must provide an unspoofable and faithful communication channel between the user and any entity trusted to manipulate authorities on the user's behalf. To safeguard critical information that could be used by a malicious user to compromise the device or the entire network infrastructure, a trusted path is required for high-confidence connections between the security functions (i.e., login) of the network element and the user.

STIG	Date
Domain Name System (DNS) Security Requirements Guide	2012-10-24

Details

Check Text ( C-42124r1_chk )
Review the DNS vendor documentation to determine whether the system utilizes a trusted communications path between the user/administrator and the internal security functions within the system. If a trusted communication path is not utilized, this is a finding.

Fix Text (F-38074r1_fix)
Configure the DNS implementation to establish a trusted communication path between the user and the internal system security functions.