1.5.7 Ensure DNS is servers are configured - nameserver 1 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
1.5.7 Ensure DNS is servers are configured - nameserver 2 | CIS Amazon Linux 2 STIG v1.0.0 L3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.1.6 Ensure DNS server is configured - primary | CIS Check Point Firewall L1 v1.1.0 | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
3.1 Ensure DNS services are configured correctly - name-server | CIS Cisco Firewall v8.x L1 v4.2.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
3.1 Ensure DNS services are configured correctly - name-server | CIS Cisco Firewall ASA 8 L1 v4.1.0 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2 Restrict Recursive Queries - Authoritative Name Server | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.2 Restrict Recursive Queries - Authoritative Name Server | CIS BIND DNS v3.0.1 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3 Restrict Query Origins | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3 Restrict Query Origins | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.3 Restrict Query Origins | CIS BIND DNS v3.0.1 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
3.4 Restrict Queries of the Cache - Authoritative Only | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
4.3 Use Unique Keys for Each Pair of Hosts - unique secret | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
4.3 Use Unique Keys for Each Pair of Hosts - unique secret | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.1 Securely Authenticate Zone Transfers | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.1 Securely Authenticate Zone Transfers | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Securely Authenticate Dynamic Updates - allow-update none or localhost | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.2 Securely Authenticate Dynamic Updates - update-policy grant or local | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.3 Securely Authenticate Update Forwarding | CIS BIND DNS v3.0.0 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
5.4 CIFS - 'dns.domainname has been configured' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
5.4 CIFS - 'dns.enable = on' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
5.4 CIFS - 'dns.update.enable = on or secure' | TNS NetApp Data ONTAP 7G | NetApp | SYSTEM AND COMMUNICATIONS PROTECTION |
6 - Verify Security of Forwarding Partners | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
6.1 Ensure Root Domain Alias Record Points to ELB | CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
6.2 Ensure a DNS alias record for the root domain | CIS Amazon Web Services Three-tier Web Architecture L2 1.0.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
7.2 Enable DNSSEC Validation - dnssec-enable | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
7.2 Enable DNSSEC Validation - dnssec-validation | CIS BIND DNS v3.0.0 Caching Only Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
8.3 Ensure Any Signing Keys using RSA Have a Length of 2048 or Greater | CIS BIND DNS v1.0.0 L2 Authoritative Name Server | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
15 - Restrict Recursive Queries | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
16 - Restrict Query Origins | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
17 - Restrict Access to Cache | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
20 - Include TSIG key in named.conf | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
21 - Restrict Zone-Transfers | BIND - TNS BIND Best Practices Audit v1.0.0 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
Adtran : Ensure a trusted, primary DNS server is set | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
Adtran : Ensure a trusted, secondary DNS server is set | TNS Adtran AOS Best Practice Audit | Adtran | SYSTEM AND COMMUNICATIONS PROTECTION |
DNS Profile - Address - DNS Server 1 | Tenable Cisco ACI | Cisco_ACI | SYSTEM AND COMMUNICATIONS PROTECTION |
DNS Profile - Address - DNS Server 2 | Tenable Cisco ACI | Cisco_ACI | SYSTEM AND COMMUNICATIONS PROTECTION |
dns Service - 'dns server primary is configured' | TNS Check Point GAiA Best Practices | CheckPoint | SYSTEM AND COMMUNICATIONS PROTECTION |
DNS: A trusted primary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
DNS: A trusted secondary DNS server is configured | TNS Alcatel-Lucent TiMOS/Nokia SR-OS Best Practice Audit | Alcatel | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure DNS services are configured correctly - name-server | Tenable Cisco Firepower Threat Defense Best Practices Audit | Cisco_Firepower | SYSTEM AND COMMUNICATIONS PROTECTION |
Ensure DNS services are configured correctly - name-server | Tenable Cisco Firepower Best Practices Audit | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
FireEye - The appliance uses a trusted DNS server | TNS FireEye | FireEye | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - DNS - primary server | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - DNS - primary server | TNS Fortigate FortiOS Best Practices | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - DNS - secondary server | TNS Fortigate FortiOS Best Practices v2.0.0 | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
Fortigate - DNS - secondary server | TNS Fortigate FortiOS Best Practices | FortiGate | SYSTEM AND COMMUNICATIONS PROTECTION |
ScreenOS:DNS Server - Primary | TNS Juniper ScreenOS Best Practices Audit | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
ScreenOS:DNS Server - Secondary | TNS Juniper ScreenOS Best Practices Audit | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
SonicWALL - Review the DNS Server Settings | TNS SonicWALL v5.9 | SonicWALL | SYSTEM AND COMMUNICATIONS PROTECTION |
WatchGuard : DNS Servers | TNS Best Practice WatchGuard Audit 1.0.0 | WatchGuard | SYSTEM AND COMMUNICATIONS PROTECTION |