Checklist Summary:

The primary objective of a DNS review is to examine the site’s administrative practices, name servers, and the zones those name servers support. The review should cover not only the authoritative name servers, but all supporting name servers as well. In some cases, this may not be feasible (e.g., the name server is remotely located), however, if any server supporting a zone is not assessed, this should be clearly documented in the final assessment report. Organizations may also have several caching name servers (i.e., servers that can resolve client queries), but which are not authoritative for any DNS records. These are the servers that are listed in the DNS configuration of the computers on the internal network. A DNS review should also evaluate all of the organization’s caching name servers, but a sample may suffice if there are resource or time constraints. Client DNS configuration is outside the scope of the review, which focuses on DNS servers and related administrative, technical and physical controls.

Checklist Role:

• Server
• Domain Name Server
• DNS Server

Known Issues:

Not Provided

Target Audience:

Not Provided

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not Provided

Regulatory Compliance:

DoD Directive 8500.01

Comments/Warnings/Miscellaneous:

Not Provided

Disclaimer:

Not Provided

Product Support:

Not Provided

Point of Contact:

Customer Support Desk at disa.stig_spt@mail.mil

Sponsor:

Not Provided

Licensing:

Not Provided

Change History:

1/27/2016 Promote to Final
null
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19
Updated URLs - 6/24/19
Updated URLs - 9/11/19

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 09/11/2019