
Microsoft SharePoint 2013 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The SharePoint setup account must be configured with the minimum privileges on the SQL server.

    Separation of duties is a prevalent Information Technology control implemented at different layers of the information system including the operating system and in applications. It serves to elimina...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • A secondary SharePoint site collection administrator must be defined when creating a new site collection.

    If a site reaches its maximum size, users will be denied access until an administrator fixes the problem. Having a secondary administrator reduces the risk of having a Denial-of-Service on a site. ...
    Rule Low Severity
  • SRG-APP-000142

    Group
  • SRG-APP-000516

    Group
  • SharePoint-specific malware (i.e. anti-virus) protection software must be integrated and configured.

    Configuring anti-virus settings ensures documents will be scanned for viruses upon download from and upload to the SharePoint server. Anti-virus settings are not configured by default, therefore le...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • SharePoint server access to the Online Web Part Gallery must be configured for limited access.

    Web Part galleries are groupings of Web Parts. There are four Web Part galleries: Closed Web Parts, Site Name Gallery, Server Gallery, and Online Gallery. The Online Gallery is a collection of Micr...
    Rule Medium Severity
  • SRG-APP-000516

    Group
  • SRG-APP-000204

    Group
