usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-03 17:02:01 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

os_secure_name_resolution

Browse Source
This commit is contained in:
Bob Gendler
2020-11-04 14:21:34 -05:00
parent 737328deab
commit 28ec71bb17
6 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
baselines/800-53_high.yaml
View File

@@ -165,7 +165,7 @@ profile:
- pwpolicy_emergency_accounts_disable
- section: "Permanent"
rules:
- os_request_verification_name_resolution
- os_secure_name_resolution
- os_notify_account_enable
- os_provide_automated_account_management
- os_notify_account_created

2
baselines/800-53_low.yaml
View File

@@ -122,7 +122,7 @@ profile:
- pwpolicy_force_change_password_change
- section: "Permanent"
rules:
- os_request_verification_name_resolution
- os_secure_name_resolution
- os_protect_dos_attacks
- pwpolicy_50_percent
- section: "not_applicable"

2
baselines/800-53_moderate.yaml
View File

@@ -156,7 +156,7 @@ profile:
- pwpolicy_emergency_accounts_disable
- section: "Permanent"
rules:
- os_request_verification_name_resolution
- os_secure_name_resolution
- os_notify_account_enable
- os_provide_automated_account_management
- os_notify_account_created

2
baselines/all_rules.yaml
View File

@@ -205,7 +205,7 @@ profile:
- audit_off_load_records
- audit_enforce_dual_auth
- audit_alert_processing_fail
- os_request_verification_name_resolution
- os_secure_name_resolution
- os_reauth_devices_change_authenticators
- os_notify_account_enable
- os_provide_automated_account_management

2
baselines/cnssi-1253.yaml
View File

@@ -157,7 +157,7 @@ profile:
- pwpolicy_emergency_accounts_disable
- section: "Permanent"
rules:
- os_request_verification_name_resolution
- os_secure_name_resolution
- os_notify_account_enable
- os_provide_automated_account_management
- os_notify_account_created

8
rules/os/os_request_verification_name_resolution.yaml → rules/os/os_secure_name_resolution.yaml
View File

@@ -1,11 +1,11 @@
id: os_request_verification_name_resolution
title: "Must request data origin authentication verification on the name/address resolution responses the system receives from authoritative sources"
id: os_secure_name_resolution
title: "Secure Name Address Resolution Service"
discussion: |
The information system requests and performs data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources.
check: |
This requirement is NA for this technology.
The technology does not support this requirement. This is an applicable-does not meet finding.
fix: |
The requirement is NA. No fix is required.
This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented, but this finding cannot be considered fixed.
references:
cce:
- CCE-85372-1