The DNS server implementation must provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.

An XCCDF Rule

Description

A Trusted Platform Module (TPM) is an example of a hardware-protected data store that can be used to protect cryptographic keys.

ID: SV-263644r982545_rule
Version: SRG-APP-000915-DNS-000310
Severity: Medium
References: CCI-004910
Updated: 23 days ago

Remediation Templates

Configure the DNS server implementation to provide protected storage for cryptographic keys with organization-defined safeguards and/or hardware protected key store.