I - Mission Critical Public
Rules and Groups employed by this XCCDF Profile
-
Exch-3-804
Group -
Services must be documented and unnecessary services must be removed or disabled.
Unneeded, but running, services offer attackers an enhanced attack profile, and attackers are constantly watching to discover open ports with running services. By analyzing and disabling unneeded...Rule Medium Severity -
Exch-3-807
Group -
Email application must not share a partition with another application.
In the same way that added security layers can provide a cumulative positive effect on security posture, multiple applications can provide a cumulative negative effect. A vulnerability and subseque...Rule Medium Severity -
Exch-2-014
Group -
Servers must use approved DoD certificates.
Server certificates are required for many security features in Exchange; without them the server cannot engage in many forms of secure communication. Failure to implement valid certificates makes ...Rule Medium Severity -
Exch-3-811
Group -
Email servers must have Email aware virus protection.
With the proliferation of trojans, viruses, and SPAM attaching themselves to email messages (or attachments), it is necessary to have capable email Aware Anti-Virus (AV) products to scan messages a...Rule High Severity -
Exch-3-814
Group -
The current, approved service pack must be installed.
Failure to install the most current Exchange service pack leaves a system vulnerable to exploitation. Current service packs correct known security and system vulnerabilities.Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules