Exchange 2010 Hub Transport Server STIG
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Exch-2-771
Group -
Internet facing send Connectors must specify a Smart Host.
In the case of identifying a 'Smart Host' for the email environment, a logical send connector is the preferred method. A 'Smart Host' acts as an Internet Facing Concentrator for other email serve...Rule Medium Severity -
Exch-2-801
Group -
Exch-2-805
Group -
Exchange must not send delivery reports to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure tha...Rule Medium Severity -
Exch-2-808
Group -
Exchange must not send non-delivery reports to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Ensure tha...Rule Medium Severity -
Exch-2-811
Group -
Exch-2-768
Group -
Exch-2-814
Group -
Exchange must not send auto replies to remote domains.
Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Remote use...Rule Medium Severity -
Exch-2-817
Group -
Exch-2-820
Group -
The Send Fatal Errors to Microsoft must be disabled.
Log files help establish a history of activities, and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. This setting enables an automated log e...Rule Medium Severity -
Exch-2-823
Group -
Administrator audit logging must be enabled.
Unauthorized or malicious data changes can compromise the integrity and usefulness of the data. Automated attacks or malicious users with elevated privileges have the ability to affect change usi...Rule Medium Severity -
Exch-2-826
Group -
Exch-2-828
Group -
Exchange application directory must be protected from unauthorized access.
Default product installations may provide more generous access permissions than are necessary to run the application. By examining and tailoring access permissions to more closely provide the leas...Rule Medium Severity -
Exch-2-831
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.