Exchange 2010 Client Access Server STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Exch-1-002
Group -
Exch-1-005
Group -
Exch-1-103
Group -
Exch-2-826
Group -
Exch-1-008
Group -
Exch-2-831
Group -
Exch-1-202
Group -
Exch-1-203
Group -
Encryption must be used for OWA access.
This setting controls whether client machines should be forced to use secure channels to communicate with this virtual directory. If this feature is enabled, clients will only be able to communica...Rule Medium Severity -
Exch-1-205
Group -
Exch-2-817
Group -
Audit data must be protected against unauthorized access.
Log files help establish a history of activities, and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. Audit log content must always be consid...Rule Medium Severity -
Exch-2-828
Group -
Exch-1-402
Group -
Outlook Anywhere (OA) clients must use NTLM authentication to access email.
Identification and Authentication provide the foundation for access control. Access to email services applications require NTLM authentication. Outlook Anywhere, if authorized for use by the site...Rule Medium Severity -
Exch-2-820
Group -
The Send Fatal Errors to Microsoft must be disabled.
Log files help establish a history of activities, and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. This setting enables an automated log e...Rule Medium Severity -
Exch-2-823
Group -
Administrator audit logging must be enabled.
Unauthorized or malicious data changes can compromise the integrity and usefulness of the data. Automated attacks or malicious users with elevated privileges have the ability to affect change usi...Rule Medium Severity -
Exch-1-603
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules