Skip to content

I - Mission Critical Sensitive

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000348-DNS-000042

    <GroupDescription></GroupDescription>
    Group
  • The Infoblox system must provide the means for authorized individuals to determine the identity of the source of the DNS server-provided information.

    &lt;VulnDiscussion&gt;Without a means for identifying the individual who produced the information, the information cannot be relied on. Identifying...
    Rule Medium Severity
  • SRG-APP-000349-DNS-000043

    <GroupDescription></GroupDescription>
    Group
  • The Infoblox system must validate the binding of the other DNS servers' identity to the DNS information for a server-to-server transaction (e.g., zone transfer).

    &lt;VulnDiscussion&gt;Validation of the binding of the information prevents the modification of information between production and review. The vali...
    Rule Medium Severity
  • SRG-APP-000350-DNS-000044

    <GroupDescription></GroupDescription>
    Group
  • The Infoblox system must send a notification in the event of an error when validating the binding of another DNS server’s identity to the DNS information.

    &lt;VulnDiscussion&gt;Failing to act on validation errors may result in the use of invalid, corrupted, or compromised information. The validation o...
    Rule Medium Severity
  • SRG-APP-000420-DNS-000053

    <GroupDescription></GroupDescription>
    Group
  • The Infoblox DNS server must provide data origin artifacts for internal name/address resolution queries.

    &lt;VulnDiscussion&gt;The major threat associated with DNS forged responses or failures is the integrity of the DNS data returned in the response. ...
    Rule Medium Severity
  • SRG-APP-000421-DNS-000054

    <GroupDescription></GroupDescription>
    Group
  • The Infoblox DNS server must provide data integrity protection artifacts for internal name/address resolution queries.

    &lt;VulnDiscussion&gt;The major threat associated with DNS forged responses or failures is the integrity of the DNS data returned in the response. ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules