| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-259402 | CAT II | MONT-DC-003 | Microsoft Windows Server Domain Name Sys... | The Windows DNS Server must follow procedures to r... | - | |||
Check TextActive Directory (AD)-integrated DNS servers will handle the promotion of a secondary DNS server when a primary DNS server loses functionality. If all of the DNS servers are AD integrated, this is not a finding. Consult with the system administrator to determine if there are documented procedures to re-role a non-AD-integrated secondary name server to a master name server role if a master name server loses functionality. If there are no documented procedures to re-role a non-AD-integrated secondary name server to primary if a master name server loses functionality, this is a finding. Fix TextAD-integrated DNS servers will handle the promotion of a secondary DNS server when a primary DNS server loses functionality. Develop, test, and implement documented procedures to re-role a non-AD-integrated secondary name server to a master name server role if a master name server loses functionality. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServerDNS_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9AF81AAAB8C600DB6410D96A405F37B45D9237F2 ~~~~~ All zones hosted on this server are Active Directory-integrated.
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServerDNS_V2R3_20251023-172313.ckl
Scan Date: 2026-01-14T12:57:38.179760
Technology Area: Domain Name System
|
||||||||