NIST 800-53 SC-22 Mappings

Systems that provide name and address resolution services include domain name system (DNS) servers. To eliminate single points of failure in systems and enhance redundancy, organizations employ at least two authoritative domain name system servers—one configured as the primary server and the other configured as the secondary server. Additionally, organizations typically deploy the servers in two geographically separated network subnetworks (i.e., not located in the same physical facility). For role separation, DNS servers with internal roles only process name and address resolution requests from within organizations (i.e., from internal clients). DNS servers with external roles only process name and address resolution information requests from clients external to organizations (i.e., on external networks, including the Internet). Organizations specify clients that can access authoritative DNS servers in certain roles (e.g., by address ranges and explicit lists).

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1071.003 Mail Protocols
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1071.004 DNS
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1568 Dynamic Resolution
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1568.002 Domain Generation Algorithms
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1071 Application Layer Protocol
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1071.001 Web Protocols
SC-22 Architecture and Provisioning for Name/address Resolution Service Protects T1071.002 File Transfer Protocols