The Internet Printing Protocol (IPP) must be disabled on the IIS 10.0 web server.

An XCCDF Rule

Details
Profiles

Description

The use of IPP on an IIS web server allows client access to shared printers. This privileged access could allow remote code execution by increasing the web servers attack surface. Additionally, since IPP does not support SSL, it is considered a risk and will not be deployed.

ID: SV-218818r961470_rule
Version: IIST-SV-000149
Severity: Medium
References: CCI-001762
Updated: 3 days ago

Remediation Templates

Click “Start”, click “Administrative Tools”, and then click “Server Manager”.

Expand the roles node, right-click “Print Services”, and then select “Remove Roles Services”.

If the Internet Printing option is checked, clear the check box, click “Next”, and then click “Remove” to complete the wizard.

The Internet Printing Protocol (IPP) must be disabled on the IIS 10.0 web server.

Description

Remediation Templates

A Manual Procedure