U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Domain Name System (DNS) STIG Version 4, Release 1.18 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Cisco Content Services Switch 11000 cpe:/h:cisco:content_services_switch_11000:- (View CVEs)
ISC Bind 9.3.1 cpe:/a:isc:bind:9.3.1 (View CVEs)
ISC Bind 9.3.2 cpe:/a:isc:bind:9.3.2 (View CVEs)
Microsoft Windows 2000 cpe:/o:microsoft:windows_2000 (View CVEs)
Microsoft Windows Server 2000 cpe:/o:microsoft:windows_2000:-:-:server (View CVEs)
Microsoft Windows Server 2003 cpe:/o:microsoft:windows_2003_server:- (View CVEs)
Microsoft Windows XP cpe:/o:microsoft:windows_xp (View CVEs)

Checklist Highlights

Checklist Name:
Domain Name System (DNS) STIG
Checklist ID:
448
Version:
Version 4, Release 1.18
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
04/26/2013

Checklist Summary:

This document contains procedures that enable qualified personnel to create a Domain Name System (DNS) asset in the Vulnerability Management System (VMS), and conduct DNS assessments or reviews against those assets. The DNS review assesses an organization's compliance with the DNS Security Technical Implementation Guidance (STIG). DISA Field Security Operations (FSO) conducts various types of reviews, to include: Certification and Assessment reviews, Security Test and & Evaluation, and Compliance Inspections. These reviews are conducted to provide DISA, Combatant Commands, and other Department of Defense (DoD) agencies and organizations with a level of confidence that their DNS servers and infrastructure are secure and can adequately support their mission.

Checklist Role:

  • Domain Name Server

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

Questions or comments should be sent to the DISA Field Security Operations (FSO) Customer Support Desk at disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

Version 4, Release 1.17 - 25 April 2014
Version 4, Release 1.16 - 25 October 2013
Version 4, Release 1.15 - 26 July 2013
Version 4, Release 1.14 - 26 April 2013
Version 4, Release 1.13 - 25 January 2013
Version 4, Release 1.12 - 29 April 2011
Version 4, Release 1.18 - 26 January 2015
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 04/15/2019