SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver)

System and Communications Protection

Low Moderate High

Description

The information system that provides name/address resolution service for local clients performs data origin authentication and data integrity verification on the resolution responses it receives from authoritative sources when requested by client systems.\n

Supplemental Guidance

A resolving or caching domain name system (DNS) server is an example of an information system that provides name/address resolution service for local clients and authoritative DNS servers are examples of authoritative sources. NIST Special Publication 800-81 provides guidance on secure domain name system deployment.\n

SC-21 Secure Name / Address Resolution Service (Recursive Or Caching Resolver)

Description

Supplemental Guidance

Enhancements

Compliance Mappings

ISO 17799 (legacy)

COBIT 4.1 (legacy)