---
names:
  full: "Azure Virtual Machine allows public access to DNS port"
  contextual: "Virtual Machine allows public access to DNS port"
description: >
  Ensure that Azure Virtual Machines do not allow unrestricted public access to 
  the DNS port 53. Exposing DNS to the internet from a VM can pose security 
  risks, such as participation in DNS amplification attacks or unauthorized DNS resolution.
categories:
  - "SECURITY"
type: "COMPLIANCE_POLICY"
frameworkMappings:
  - "/frameworks/cloudaware/resource-security/network-exposure"