Windows Server 2019 system files must be monitored for unauthorized changes.
An XCCDF Rule
Description
Monitoring system files for changes against a baseline on a regular basis may help detect the possible introduction of malicious code on a system.
- ID
- SV-205803r958794_rule
- Version
- WN19-00-000220
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Monitor the system for unauthorized changes to system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) against a baseline on a weekly basis. This can be done with the use of various monitoring tools.