CCE-35332-6Platform: win8.1 | Date: (C)2015-10-14 (M)2022-10-10 |
Set TTL in the DC Locator DNS Records
This policy setting specifies the value for the Time-To-Live (TTL) field in SRV resource records that are registered by the Net Logon service. These DNS records are dynamically registered, and they are used to locate the domain controller (DC).
To specify the TTL for DC Locator DNS records, click Enabled, and then enter a value in seconds (for example, the value '900' is 15 minutes).
If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
Parameter:
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\System\Net Logon\DC Locator DNS Records!Set TTL in the DC Locator DNS Records
(2) WMI: ###
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: