Skip to content
Log In

MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Exchange internal Send connectors must require encryption.

    The Simple Mail Transfer Protocol (SMTP) connector is used by Exchange to send and receive messages from server to server. Several controls work together to provide security between internal server...
    Rule High Severity
    Show

  • SRG-APP-000033

    Group
    Show

  • SRG-APP-000038

    Group
    Show

  • Exchange must have accepted domains configured.

    Exchange may be configured to accept email for multiple domain names. This setting identifies the domains for which the server will accept mail. This check verifies the email server is not acceptin...
    Rule Medium Severity
    Show

  • SRG-APP-000038

    Group
    Show

  • SRG-APP-000089

    Group
    Show

  • SRG-APP-000089

    Group
    Show

  • Exchange Connectivity logging must be enabled.

    A connectivity log is a record of the SMTP connection activity of the outbound message delivery queues to the destination mailbox server, smart host, or domain. Connectivity logging is available on...
    Rule Medium Severity
    Show

  • SRG-APP-000111

    Group
    Show

  • Exchange Queue monitoring must be configured with threshold and action.

    Monitors are automated "process watchers" that respond to performance changes and can be useful in detecting outages and alerting administrators where attention is needed. Exchange has built-in mon...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • SRG-APP-000383

    Group
    Show

  • SRG-APP-000118

    Group
    Show

  • Exchange Audit data must be protected against unauthorized access (read access).

    Log files help establish a history of activities and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. Audit log content must always be considere...
    Rule Medium Severity
    Show

  • SRG-APP-000141

    Group
    Show

  • Exchange Send Fatal Errors to Microsoft must be disabled.

    It is detrimental for applications to provide, or install by default, functionality exceeding requirements or mission objectives. These unnecessary capabilities or services are often overlooked and...
    Rule Medium Severity
    Show

  • SRG-APP-000119

    Group
    Show

  • Exchange audit data must be protected against unauthorized access for modification.

    Log files help establish a history of activities and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. Audit log content must always be considere...
    Rule Medium Severity
    Show

  • SRG-APP-000120

    Group
    Show

  • Exchange filtered messages must be archived.

    By performing filtering at the perimeter, up to 90 percent of spam, malware, and other undesirable messages are eliminated from the message stream rather than admitting them into the mail server en...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules