Skip to content

Microsoft SharePoint 2013 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • SharePoint server access to the Online Web Part Gallery must be configured for limited access.

    &lt;VulnDiscussion&gt;Web Part galleries are groupings of Web Parts. There are four Web Part galleries: Closed Web Parts, Site Name Gallery, Server...
    Rule Medium Severity
  • SRG-APP-000516

    <GroupDescription></GroupDescription>
    Group
  • The SharePoint farm service account (database access account) must be configured with the minimum privileges for the local server.

    &lt;VulnDiscussion&gt;Separation of duties is a prevalent Information Technology control implemented at different layers of the information system ...
    Rule Medium Severity
  • SRG-APP-000204

    <GroupDescription></GroupDescription>
    Group
  • SharePoint must validate the integrity of security attributes exchanged between systems.

    &lt;VulnDiscussion&gt;When data is exchanged between information systems, the security attributes associated with said data need to be maintained. ...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules