Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The DNS server implementation must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-263644 | SRG-APP-000915-DNS-000310 | SV-263644r982545_rule | Medium |
| Description |
|---|
| A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys. |
| STIG | Date |
|---|---|
| Domain Name System (DNS) Security Requirements Guide | 2024-07-02 |
Details
| Check Text ( C-67544r982544_chk ) |
|---|
| Verify the DNS server implementation is configured to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store. If the DNS server implementation is not configured to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store, this is a finding. |
| Fix Text (F-67452r982093_fix) |
|---|
| Configure the DNS server implementation to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store. |