Skip to content
Log In

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000027

    Group
    Show

  • Exchange must have Administrator audit logging enabled.

    Unauthorized or malicious data changes can compromise the integrity and usefulness of the data. Automated attacks or malicious users with elevated privileges have the ability to effect change using...
    Rule Medium Severity
    Show

  • SRG-APP-000033

    Group
    Show

  • Exchange Servers must use approved DoD certificates.

    Server certificates are required for many security features in Exchange; without them, the server cannot engage in many forms of secure communication. Failure to implement valid certificates make...
    Rule Medium Severity
    Show

  • SRG-APP-000038

    Group
    Show

  • Exchange auto-forwarding email to remote domains must be disabled or restricted.

    Attackers can use automated messages to determine whether a user account is active, in the office, traveling, and so on. An attacker might use this information to conduct future attacks. Verify Aut...
    Rule Medium Severity
    Show

  • SRG-APP-000089

    Group
    Show

  • Exchange Connectivity logging must be enabled.

    A connectivity log is a record of the SMTP connection activity of the outbound message delivery queues to the destination Mailbox server, smart host, or domain. Connectivity logging is available on...
    Rule Medium Severity
    Show

  • SRG-APP-000089

    Group
    Show

  • The Exchange Email Diagnostic log level must be set to the lowest level.

    Log files help establish a history of activities, and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. Diagnostic logging, however, characterist...
    Rule Medium Severity
    Show

  • SRG-APP-000089

    Group
    Show

  • Exchange Audit record parameters must be set.

    Log files help establish a history of activities, and can be useful in detecting attack attempts. This item declares the fields that must be available in the audit log file in order to adequately r...
    Rule Low Severity
    Show

  • SRG-APP-000098

    Group
    Show

  • Exchange Circular Logging must be disabled.

    Logging provides a history of events performed and can also provide evidence of tampering or attack. Failure to create and preserve logs adds to the risk that suspicious events may go unnoticed and...
    Rule Low Severity
    Show

  • SRG-APP-000098

    Group
    Show

  • Exchange Email Subject Line logging must be disabled.

    Log files help establish a history of activities and can be useful in detecting attack attempts or determining tuning adjustments to improve availability. When “message tracking” is enabled, only t...
    Rule Medium Severity
    Show

  • SRG-APP-000098

    Group
    Show

  • Exchange Message Tracking Logging must be enabled.

    A message tracking log provides a detailed log of all message activity as messages are transferred to and from a computer running Exchange. If events are not recorded, it may be difficult or impos...
    Rule Medium Severity
    Show

  • SRG-APP-000111

    Group
    Show

  • Exchange Queue monitoring must be configured with threshold and action.

    Monitors are automated "process watchers" that respond to performance changes and can be useful in detecting outages and alerting administrators where attention is needed. Exchange has built-in mon...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules