Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Exchange 2019 Mailbox Server Security Technical Implementation Guide
SRG-APP-000090
The RBAC role for audit log management must be defined and restricted.
The RBAC role for audit log management must be defined and restricted.
An XCCDF Rule
Details
Profiles
Prose
The RBAC role for audit log management must be defined and restricted.
Medium Severity
<VulnDiscussion>The RBAC role for the audit log management "Audit Log Role" should be defined in the Organizational or Enterprise Domain Security Plan (EDSP) to define the necessary personnel that are required to handle audit logs for the Microsoft Exchange application. Group membership should be audited regularly by checking the EDSP regularly and determine who should and should not have group membership. There are three built-in groups that automatically have membership: Organization Management, Compliance Management, and Records Management.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>