In the event of a system failure, the Windows DNS Server must preserve any information necessary to determine cause of failure and any information necessary to return to operations with least disruption to mission processes.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-259412 | WDNS-22-000094 | SV-259412r961125_rule | CCI-001665 | medium |
| Description | ||||
| Failure to a known state can address safety or security in accordance with the mission/business needs of the organization. Failure to a known secure state helps prevent a loss of confidentiality, integrity, or availability in the event of a failure of the information system or a component of the system. Preserving application state information helps to facilitate application restart and return to the operational mode of the organization with less disruption to mission-essential processes. | ||||
| STIG | Date | |||
| Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide | 2025-02-25 | |||
Details
Check Text (C-259412r961125_chk)
Use the AuditPol tool to review the current Audit Policy configuration:
Open a Command Prompt with elevated privileges ("Run as Administrator").
Enter "AuditPol /get /category:*".
Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding.
Object Access >> File System - Failure
Fix Text (F-63059r939940_fix)
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> Audit File System with "Failure" selected.