SV-207325r615936_rule
V-207325
SRG-APP-000381
EX13-MB-000295
CAT II
10
Update the EDSP.
Monitor the software files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on Exchange servers for unauthorized changes against a baseline on a weekly basis.
Note: This can be done with the use of various monitoring tools.
Review the Email Domain Security Plan (EDSP).
Determine whether the site monitors system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on servers for unauthorized changes against a baseline on a weekly basis.
If software files are not monitored for unauthorized changes, this is a finding.
Note: A properly configured HBSS Policy Auditor File Integrity Monitor (FIM) module will meet the requirement for file integrity checking. The Asset module within HBSS does not meet this requirement.
V-207325
False
EX13-MB-000295
Review the Email Domain Security Plan (EDSP).
Determine whether the site monitors system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on servers for unauthorized changes against a baseline on a weekly basis.
If software files are not monitored for unauthorized changes, this is a finding.
Note: A properly configured HBSS Policy Auditor File Integrity Monitor (FIM) module will meet the requirement for file integrity checking. The Asset module within HBSS does not meet this requirement.
M
2923