V-259337
CAT IIThe Windows DNS Server log must be enabled.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Log on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account.
Press the Windows key + R and execute "dnsmgmt.msc".
Right-click the DNS server and select "Properties".
Click the "Event Logging" tab. By default, all events are logged.
Verify "Errors and warnings" or "All events" is selected.
If any option other than "Errors and warnings" or "All events" is selected, this is a finding.
Fix Text
Log on to the DNS server using the Domain Admin or Enterprise Admin account or Local Administrator account.
Press the Windows key + R and execute "dnsmgmt.msc".
Right-click the DNS server and select "Properties".
Click the "Event Logging" tab. By default, all events are logged.
Select the "Errors and warnings" or "All events" option.
Click "Apply".
Click "OK".
STIG Reference
- STIG
- Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide
- Version
- 2
- Release
- 4
- Rule ID
- SV-259337r1156965_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServerDNS_V2R3_20251023-172313.ckl | Unassigned | 2026-01-14T12:57:38.179760 | View in Context |