STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← SC-20 — Secure Name/Address Resolution Service (Authoritative Source)

CCI-001178

Definition

Provide additional data origin authentication artifacts along with the authoritative name resolution data the system returns in response to external name/address resolution queries.

Parent Control

SC-20Secure Name/Address Resolution Service (Authoritative Source)System and Communications Protection

Linked STIG Checks (12)

V-272417CAT IA BIND 9.x server implementation must maintain the integrity and confidentiality of DNS information while it is being prepared for transmission, in transmission, and in use and must perform integrity verification and data origin verification for all DNS information.BIND 9.x Security Technical Implementation GuideV-205176CAT IIA DNS server implementation must provide additional data origin artifacts along with the authoritative data the system returns in response to external name/address resolution queries.Domain Name System (DNS) Security Requirements GuideV-279957CAT IIA DNS server implementation must provide data origin artifacts for internal name/address resolution queries.Domain Name System (DNS) Security Requirements GuideV-265988CAT IIA BIG-IP DNS server implementation must provide additional data origin artifacts along with the authoritative data the system returns in response to external name/address resolution queries.F5 BIG-IP TMOS DNS Security Technical Implementation GuideV-214168CAT IIThe Infoblox system must be configured to provide additional data origin artifacts along with the authoritative data the system returns in response to external name/address resolution queries.Infoblox 7.x DNS Security Technical Implementation GuideV-233907CAT IIThe Infoblox system must provide additional data origin artifacts along with the authoritative data the system returns in response to external name/address resolution queries.Infoblox 8.x DNS Security Technical Implementation GuideV-221217CAT IIExchange Internet-facing Send connectors must specify a Smart Host.Microsoft Exchange 2016 Edge Transport Server Security Technical Implementation GuideV-228374CAT IIExchange Internet-facing Send connectors must specify a Smart Host.Microsoft Exchange 2016 Mailbox Server Security Technical Implementation GuideV-259593CAT IIExchange internet-facing send connectors must specify a Smart Host.Microsoft Exchange 2019 Edge Server Security Technical Implementation GuideV-259670CAT IIExchange internet-facing send connectors must specify a smart host.Microsoft Exchange 2019 Mailbox Server Security Technical Implementation GuideV-215610CAT IIThe Windows 2012 DNS Server must include data origin with authoritative data the system returns in response to external name/address resolution queries.Microsoft Windows 2012 Server Domain Name System Security Technical Implementation GuideV-259373CAT IIThe Windows DNS Server must include data origin with authoritative data the system returns in response to external name/address resolution queries.Microsoft Windows Server Domain Name System (DNS) Security Technical Implementation Guide