STIGQter: STIG Summary: Microsoft IIS 8.5 Server Security Technical Implementation Guide, Version: 2, Release: 2, Benchmark Date: 23 Apr 2021

IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.

DISA Rule

SV-214417r508658_rule

Vulnerability Number

V-214417

Group Title

SRG-APP-000211-WSR-000030

Rule Version

IISW-SV-000131

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Ensure non-administrators are not allowed access to the directory tree, the shell, or other operating system functions and utilities.

All non-administrator access to shell scripts and operating system functions must be mission essential and documented.

Check Contents

Obtain a list of the user accounts with access to the system, including all local and domain accounts.

Review the privileges to the web server for each account.

Verify with the system administrator or the ISSO that all privileged accounts are mission essential and documented.

Verify with the system administrator or the ISSO that all non-administrator access to shell scripts and operating system functions is mission essential and documented.

If undocumented privileged accounts are found, this is a finding.

If undocumented non-administrator access to shell scripts and operating system functions is found, this is a finding.
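
One way to gather the evidence for this check before the review with the system administrator or ISSO, as an added example that is not part of the STIG. It assumes Windows PowerShell 5.1 or later in an elevated session; the documented-accounts file, its path and format, the list of principals treated as administrative, and the default `inetpub` location are all assumptions to adjust for the site.

```powershell
# Added example, not STIG content. Requires the Microsoft.PowerShell.LocalAccounts
# module (Windows PowerShell 5.1+) and an elevated session.

# Hypothetical allowlist: one documented, mission-essential account per line,
# in DOMAIN\name or COMPUTER\name form. Lines starting with # are comments.
$DocumentedPath = 'C:\Audit\documented-accounts.txt'   # assumed path
$documented = @(Get-Content -Path $DocumentedPath -ErrorAction Stop |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and $_ -notmatch '^#' })

# Local accounts on the system. Domain accounts surface below through
# group membership and ACL entries.
$localUsers = Get-LocalUser | Select-Object Name, Enabled, LastLogon

# Privileged accounts: members of the local Administrators group, looked up
# by its well-known SID so a renamed group is still found.
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    Select-Object Name, ObjectClass, PrincipalSource
$adminFindings = $admins | Where-Object { $documented -notcontains $_.Name }

# Shell binaries and the web directory tree. The inetpub path is the IIS
# default and is an assumption; add the site's real content roots.
$targets = "$env:SystemRoot\System32\cmd.exe",
           "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe",
           "$env:SystemDrive\inetpub"

# Principals treated as administrative for this report (assumption).
$adminPrincipals = 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM',
                   'NT SERVICE\TrustedInstaller'

# Allow entries granted to anyone who is neither administrative nor documented.
$aclFindings = foreach ($t in $targets | Where-Object { Test-Path $_ }) {
    (Get-Acl -Path $t).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $adminPrincipals -notcontains $_.IdentityReference.Value -and
            $documented -notcontains $_.IdentityReference.Value
        } |
        Select-Object @{ n = 'Target'; e = { $t } }, IdentityReference, FileSystemRights
}

'Local accounts:';                               $localUsers    | Format-Table -AutoSize
'Undocumented members of local Administrators:'; $adminFindings | Format-Table -AutoSize
'Undocumented non-administrator access:';        $aclFindings   | Format-Table -AutoSize
```

Default Windows ACLs grant `BUILTIN\Users` read and execute on the shell binaries, so expect that entry in the third table; whether it is documented and mission essential is the question the check puts to the ISSO.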

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

4000

Comments