From 28ec71bb1722e396ea5cf78defd1e8d78661adee Mon Sep 17 00:00:00 2001 From: Bob Gendler Date: Wed, 4 Nov 2020 14:21:34 -0500 Subject: [PATCH] os_secure_name_resolution --- baselines/800-53_high.yaml | 2 +- baselines/800-53_low.yaml | 2 +- baselines/800-53_moderate.yaml | 2 +- baselines/all_rules.yaml | 2 +- baselines/cnssi-1253.yaml | 2 +- ...ame_resolution.yaml => os_secure_name_resolution.yaml} | 8 ++++---- 6 files changed, 9 insertions(+), 9 deletions(-) rename rules/os/{os_request_verification_name_resolution.yaml => os_secure_name_resolution.yaml} (66%) diff --git a/baselines/800-53_high.yaml b/baselines/800-53_high.yaml index 62a6cf84..6d62223f 100644 --- a/baselines/800-53_high.yaml +++ b/baselines/800-53_high.yaml @@ -165,7 +165,7 @@ profile: - pwpolicy_emergency_accounts_disable - section: "Permanent" rules: - - os_request_verification_name_resolution + - os_secure_name_resolution - os_notify_account_enable - os_provide_automated_account_management - os_notify_account_created diff --git a/baselines/800-53_low.yaml b/baselines/800-53_low.yaml index 6ccd6e8a..1bc88f73 100644 --- a/baselines/800-53_low.yaml +++ b/baselines/800-53_low.yaml @@ -122,7 +122,7 @@ profile: - pwpolicy_force_change_password_change - section: "Permanent" rules: - - os_request_verification_name_resolution + - os_secure_name_resolution - os_protect_dos_attacks - pwpolicy_50_percent - section: "not_applicable" diff --git a/baselines/800-53_moderate.yaml b/baselines/800-53_moderate.yaml index b7ad1eb3..b1905440 100644 --- a/baselines/800-53_moderate.yaml +++ b/baselines/800-53_moderate.yaml @@ -156,7 +156,7 @@ profile: - pwpolicy_emergency_accounts_disable - section: "Permanent" rules: - - os_request_verification_name_resolution + - os_secure_name_resolution - os_notify_account_enable - os_provide_automated_account_management - os_notify_account_created diff --git a/baselines/all_rules.yaml b/baselines/all_rules.yaml index 53781554..5f6eec9b 100644 --- a/baselines/all_rules.yaml +++ b/baselines/all_rules.yaml @@ -205,7 +205,7 @@ profile: - audit_off_load_records - audit_enforce_dual_auth - audit_alert_processing_fail - - os_request_verification_name_resolution + - os_secure_name_resolution - os_reauth_devices_change_authenticators - os_notify_account_enable - os_provide_automated_account_management diff --git a/baselines/cnssi-1253.yaml b/baselines/cnssi-1253.yaml index 009ea383..6c4fd3cd 100644 --- a/baselines/cnssi-1253.yaml +++ b/baselines/cnssi-1253.yaml @@ -157,7 +157,7 @@ profile: - pwpolicy_emergency_accounts_disable - section: "Permanent" rules: - - os_request_verification_name_resolution + - os_secure_name_resolution - os_notify_account_enable - os_provide_automated_account_management - os_notify_account_created diff --git a/rules/os/os_request_verification_name_resolution.yaml b/rules/os/os_secure_name_resolution.yaml similarity index 66% rename from rules/os/os_request_verification_name_resolution.yaml rename to rules/os/os_secure_name_resolution.yaml index 8c611283..a3f190c3 100644 --- a/rules/os/os_request_verification_name_resolution.yaml +++ b/rules/os/os_secure_name_resolution.yaml @@ -1,11 +1,11 @@ -id: os_request_verification_name_resolution -title: "Must request data origin authentication verification on the name/address resolution responses the system receives from authoritative sources" +id: os_secure_name_resolution +title: "Secure Name Address Resolution Service" discussion: | The information system requests and performs data origin authentication and data integrity verification on the name/address resolution responses the system receives from authoritative sources. check: | - This requirement is NA for this technology. + The technology does not support this requirement. This is an applicable-does not meet finding. fix: | - The requirement is NA. No fix is required. + This requirement is a permanent finding and cannot be fixed. An appropriate mitigation for the system must be implemented, but this finding cannot be considered fixed. references: cce: - CCE-85372-1