CSCv7|7.7

Title

Use of DNS Filtering Services

Description

Use DNS filtering services to help block access to known malicious domains.

Reference Item Details

Reference: CIS Critical Security Controls v7

Category: Email and Web Browser Protections

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
1.1.22.1 (L1) Ensure 'Cryptomining' is set to 'Enabled'	Windows	CIS Mozilla Firefox ESR GPO v1.0.0 L1
1.4 Use Secure Upstream Caching DNS Servers	Unix	CIS BIND DNS v1.0.0 L2 Caching Only Name Server
1.81 (L1) Ensure 'DNS interception checks enabled' is set to 'Enabled'	Windows	CIS Microsoft Edge v3.0.0 L1
6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available	Palo_Alto	CIS Palo Alto Firewall 11 v1.1.0 L1
6.25 Ensure that 'DNS Policies' is configured on Anti-Spyware profiles if 'DNS Security' license is available	Palo_Alto	CIS Palo Alto Firewall 10 v1.2.0 L1
8.4 Ensure ETag Response Header Fields Do Not Include Inodes	Unix	CIS Apache HTTP Server 2.4 v2.2.0 L2
10.15 Do not resolve hosts on logging valves	Unix	CIS Apache Tomcat 10.1 v1.1.0 L2
10.15 Do not resolve hosts on logging valves	Unix	CIS Apache Tomcat 11 v1.0.0 L2
CIS Control 7 (7.7) Use of DNS Filtering Services	Unix	CAS Implementation Group 1 Audit File