Skip to content

I - Mission Critical Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange tarpitting interval must be set.

    &lt;VulnDiscussion&gt;Tarpitting is the practice of artificially delaying server responses for specific Simple Mail Transfer Protocol (SMTP) commun...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange internal Receive connectors must not allow anonymous connections.

    &lt;VulnDiscussion&gt;This control is used to limit the servers that may use this server as a relay. If a Simple Mail Transport Protocol (SMTP) sen...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List entries must be empty.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practice strategies for setting tuning configurations. Careful tuning reduc...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange Simple Mail Transfer Protocol (SMTP) IP Allow List Connection filter must be enabled.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practice strategies for setting tuning configurations. Careful tuning reduc...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • The Exchange Simple Mail Transfer Protocol (SMTP) Sender filter must be enabled.

    &lt;VulnDiscussion&gt;Email system availability depends in part on best practices strategies for setting tuning configurations. Careful tuning redu...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering installed.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering enabled.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange must have antispam filtering configured.

    &lt;VulnDiscussion&gt;Originators of spam messages are constantly changing their techniques in order to defeat spam countermeasures; therefore, spa...
    Rule Medium Severity
  • SRG-APP-000261

    <GroupDescription></GroupDescription>
    Group
  • Exchange Sender Identification Framework must be enabled.

    &lt;VulnDiscussion&gt;Email is only as secure as the recipient. When the recipient is an email server accepting inbound messages, authenticating th...
    Rule Medium Severity
  • SRG-APP-000378

    <GroupDescription></GroupDescription>
    Group
  • The Exchange application directory must be protected from unauthorized access.

    &lt;VulnDiscussion&gt;Default product installations may provide more generous access permissions than are necessary to run the application. By exam...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules