The Windows 2012 DNS Server must maintain the integrity of information during reception.

An XCCDF Rule

Description

Information can be either unintentionally or maliciously disclosed or modified during preparation for transmission, including, for example, during aggregation, at protocol transformation points, and during packing/unpacking. These unauthorized disclosures or modifications compromise the confidentiality or integrity of the information.

ID: SV-215636r561297_rule
Version: WDNS-SC-000030
Severity: Medium
References: CCI-002420
Updated: 24 days ago

Remediation Templates

Sign, or re-sign, the hosted zone(s) on the DNS server being validated.

Log on to the Windows 2012 DNS server using the Domain Admin or Enterprise Admin account.

Press Windows Key + R, execute dnsmgmt.msc.
On the opened DNS Manager snap-in from the left pane, expand the server name for the DNS server, and then expand Forward Lookup Zones.

From the expanded list, right-click to select the zone (repeat for each hosted zone), point to DNSSEC, and then click Sign the Zone, either using approved saved parameters or approved custom parameters.

The Windows 2012 DNS Server must maintain the integrity of information during reception.

Description

Remediation Templates

A Manual Procedure