[Nord 5] Deleted DNSL-8

Mitigations for Likelihood:

* Medium to Low: ROUT-1, ROUT-2, CONF-1, CONF-2, CONF-3, CONF-4, CONF-5, DNSL-1, DNSL-2, DNSL-7, DNSL-8, IPv6-1, IPv6-2

* High to Low: ROUT-1, ROUT-2, ROUT-3, CONF-1, CONF-2, CONF-3, CONF-4, CONF-5, DNSL-1, DNSL-2, DNSL-3, DNSL-4, DNSL-5, DNSL-6, DNSL-7, DNSL-8, IPv6-1, IPv6-2

* Medium to Low: ROUT-1, ROUT-2, CONF-1, CONF-2, CONF-3, CONF-4, CONF-5, DNSL-1, DNSL-2, DNSL-7, IPv6-1, IPv6-2

* High to Low: ROUT-1, ROUT-2, ROUT-3, CONF-1, CONF-2, CONF-3, CONF-4, CONF-5, DNSL-1, DNSL-2, DNSL-3, DNSL-4, DNSL-5, DNSL-6, DNSL-7, IPv6-1, IPv6-2

Mitigations for Impact:

* Verdict: No DNS queries are sent to DNS servers outside of the VPN connection.

* Evidence: Method used to induce tunnel failure, packet capture, log messages.

#### 5.2.9.9 MI-DNSL-8 Disclose DNS provider

The VPN client shall clearly inform the user about the operator of the DNS servers being used by the VPN service (e.g., "DNS resolution provided by \[product manufacturer\]" or "DNS resolution provided by Google"). This information should be easily accessible in the client's interface.

* Reference: TR-DNSL

* Objective: Inform the user about third parties handling their DNS queries

* Preparation: None

* Activities: Inspect the VPN client's user interface and any accompanying documentation.

* Verdict: The operator of the DNS service is clearly disclosed.

* Evidence: Screenshot of the relevant UI element or documentation.

### 5.2.10 TR-EISO: Endpoint isolation

#### 5.2.10.1 Requirement

  1. DNSL-1

  1. DNSL-2

  1. DNSL-7

  1. DNSL-8

  1. DOST

  1. EISO

  1. FDRP

  1. DNSL-5

  1. DNSL-6

  1. DNSL-7

  1. DNSL-8

  1. DOST

  1. EISO

  1. FAIR

  1. DNSL-5

  1. DNSL-6

  1. DNSL-7

  1. DNSL-8

  1. DOST

  1. FAIR

  1. FDRP

  1. DNSL-5

  1. DNSL-6

  1. DNSL-7

  1. DNSL-8

  1. DOST

  1. FAIR

  1. FDRP