| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-259337 | CAT II | MONT-DC-003 | Microsoft Windows Server Domain Name Sys... | The Windows DNS Server log must be enabled. | - | |||
Check TextLog on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account. Press the Windows key + R and execute "dnsmgmt.msc". Right-click the DNS server and select "Properties". Click the "Event Logging" tab. By default, all events are logged. Verify "Errors and warnings" or "All events" is selected. If any option other than "Errors and warnings" or "All events" is selected, this is a finding. Fix TextLog on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account. Press the Windows key + R and execute "dnsmgmt.msc". Right-click the DNS server and select "Properties". Click the "Event Logging" tab. By default, all events are logged. Select the "Errors and warnings" or "All events" option. Click "Apply". Click "OK". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServerDNS_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 716311E4FBAAECFAAD34DF4E30AF5917CCF6742B ~~~~~ EventLogLevel: 4 - All events
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServerDNS_V2R3_20251023-172313.ckl
Scan Date: 2026-01-14T12:57:38.179760
Technology Area: Domain Name System
|
||||||||