III - Administrative Sensitive
Rules and Groups employed by this XCCDF Profile
-
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Exchange Send Fatal Errors to Microsoft must be disabled.
<VulnDiscussion>It is detrimental for applications to provide, or install by default, functionality exceeding requirements or mission objecti...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
Exchange must not send customer experience reports to Microsoft.
<VulnDiscussion>It is detrimental for applications to provide, or install by default, functionality exceeding requirements or mission objecti...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
The Exchange Internet Message Access Protocol 4 (IMAP4) service must be disabled.
<VulnDiscussion>IMAP4 is not approved for use within the DOD. It uses a clear-text-based user name and password and does not support the DOD ...Rule Medium Severity -
SRG-APP-000141
<GroupDescription></GroupDescription>Group -
The Exchange Post Office Protocol 3 (POP3) service must be disabled.
<VulnDiscussion>POP3 is not approved for use within the DOD. It uses a clear-text-based user name and password and does not support the DOD s...Rule Medium Severity -
SRG-APP-000211
<GroupDescription></GroupDescription>Group -
Exchange Mailbox databases must reside on a dedicated partition.
<VulnDiscussion>In the same way that added security layers can provide a cumulative positive effect on security posture, multiple application...Rule Medium Severity -
SRG-APP-000213
<GroupDescription></GroupDescription>Group -
Exchange internet-facing send connectors must specify a smart host.
<VulnDiscussion>When identifying a "Smart Host" for the email environment, a logical Send connector is the preferred method. A Smart Host ac...Rule Medium Severity -
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Exchange mailboxes must be retained until backups are complete.
<VulnDiscussion>Backup and recovery procedures are an important part of overall system availability and integrity. Complete backups reduce th...Rule Medium Severity -
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Exchange email forwarding must be restricted.
<VulnDiscussion>Auto-forwarded email accounts do not meet the requirement for digital signature and encryption of Controlled Unclassified Inf...Rule Medium Severity -
SRG-APP-000231
<GroupDescription></GroupDescription>Group -
Exchange email-forwarding SMTP domains must be restricted.
<VulnDiscussion>Auto-forwarded email accounts do not meet the requirement for digital signature and encryption of Controlled Unclassified Inf...Rule Medium Severity -
SRG-APP-000246
<GroupDescription></GroupDescription>Group -
Exchange mailbox stores must mount at startup.
<VulnDiscussion>Administrator responsibilities include the ability to react to unplanned maintenance tasks or emergency situations that may r...Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.