STIGQter: STIG Summary: Microsoft Windows Server 2019 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Windows Server 2019 must implement protection methods such as TLS, encrypted VPNs, or IPsec if the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.

DISA Rule

SV-205829r569188_rule

Vulnerability Number

V-205829

Group Title

SRG-OS-000425-GPOS-00189

Rule Version

WN19-00-000260

Severity

CAT II

CCI(s)

• CCI-002422 - The information system maintains the confidentiality and/or integrity of information during reception.
• CCI-002420 - The information system maintains the confidentiality and/or integrity of information during preparation for transmission.

Weight

10

Fix Recommendation

Configure protection methods such as TLS, encrypted VPNs, or IPsec when the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process.

Check Contents

If the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process, verify protection methods such as TLS, encrypted VPNs, or IPsec have been implemented.

If protection methods have not been implemented, this is a finding.

Vulnerability Number

V-205829

Documentable

False

Rule Version

WN19-00-000260

Severity Override Guidance

If the data owner has a strict requirement for ensuring data integrity and confidentiality is maintained at every step of the data transfer and handling process, verify protection methods such as TLS, encrypted VPNs, or IPsec have been implemented.

If protection methods have not been implemented, this is a finding.

Check Content Reference

M

Target Key

2907

Comments