Skip to content

Microsoft SharePoint 2013 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The SharePoint setup account must be configured with the minimum privileges on the SQL server.

    &lt;VulnDiscussion&gt;Separation of duties is a prevalent Information Technology control implemented at different layers of the information system ...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The SharePoint setup account must be configured with the minimum privileges for the local server.

    &lt;VulnDiscussion&gt;Separation of duties is a prevalent Information Technology control implemented at different layers of the information system ...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • A secondary SharePoint site collection administrator must be defined when creating a new site collection.

    &lt;VulnDiscussion&gt;If a site reaches its maximum size, users will be denied access until an administrator fixes the problem. Having a secondary ...
    Rule Low Severity
  • SRG-APP-000142

    <GroupDescription></GroupDescription>
    Group
  • When configuring SharePoint Central Administration, the port number selected must comply with DoD Ports and Protocol Management (PPSM) program requirements.

    &lt;VulnDiscussion&gt;During the installation of Microsoft SharePoint, the Central Administration Web site is established on a randomly-assigned TC...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • SharePoint-specific malware (i.e. anti-virus) protection software must be integrated and configured.

    &lt;VulnDiscussion&gt;Configuring anti-virus settings ensures documents will be scanned for viruses upon download from and upload to the SharePoint...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • SharePoint server access to the Online Web Part Gallery must be configured for limited access.

    &lt;VulnDiscussion&gt;Web Part galleries are groupings of Web Parts. There are four Web Part galleries: Closed Web Parts, Site Name Gallery, Server...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The SharePoint farm service account (database access account) must be configured with the minimum privileges for the local server.

    &lt;VulnDiscussion&gt;Separation of duties is a prevalent Information Technology control implemented at different layers of the information system ...
    Rule Medium Severity
  • SRG-APP-000204

    <GroupDescription></GroupDescription>
    Group
  • SharePoint must validate the integrity of security attributes exchanged between systems.

    &lt;VulnDiscussion&gt;When data is exchanged between information systems, the security attributes associated with said data need to be maintained. ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules