CCI|CCI-002462

Title

Provide additional data integrity verification artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - dnssec-enable	Unix	DISA BIND 9.x STIG v1r9
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - dnssec-enable	Unix	DISA BIND 9.x STIG v2r2
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - KSK	Unix	DISA BIND 9.x STIG v2r2
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - KSK	Unix	DISA BIND 9.x STIG v1r9
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - zone	Unix	DISA BIND 9.x STIG v1r9
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - zone	Unix	DISA BIND 9.x STIG v2r2
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - ZSK	Unix	DISA BIND 9.x STIG v1r9
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information - ZSK	Unix	DISA BIND 9.x STIG v2r2
BIND-9X-001200 - A BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and t must perform integrity verification and data origin verification for all DNS information.	Unix	DISA BIND 9.x STIG v2r3
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v1r14
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r1
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r5
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r7
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r4
WDNS-SC-000006 - WINS lookups must be disabled on the Windows 2012 DNS Server.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r6
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v1r14
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r1
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r4
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r6
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r7
WDNS-SC-000007 - The Windows 2012 DNS Server must use DNSSEC data within queries to confirm data integrity to DNS resolvers.	Windows	DISA Microsoft Windows 2012 Server DNS STIG v2r5

Detections

Analytics

CCI|CCI-002462

Title

Reference Item Details

Audit Items