SV-214431r508658_rule
V-214431
SRG-APP-000380-WSR-000072
IISW-SV-000147
CAT II
10
Restrict access to the web administration tool to only the web manager and the web manager’s designees.
Right-click InetMgr.exe, then click “Properties” from the “Context” menu.
Select the "Security" tab.
Review the groups and user names.
The following account may have Full control privileges:
TrustedInstaller
Web Managers
Web Manager designees
The following accounts may have read and execute, or read permissions:
Non Web Manager Administrators
ALL APPLICATION PACKAGES (built-in security group)
SYSTEM
Users
Specific users may be granted read and execute and read permissions.
Compare the local documentation authorizing specific users, against the users observed when reviewing the groups and users.
If any other access is observed, this is a finding.
V-214431
False
IISW-SV-000147
Right-click InetMgr.exe, then click “Properties” from the “Context” menu.
Select the "Security" tab.
Review the groups and user names.
The following account may have Full control privileges:
TrustedInstaller
Web Managers
Web Manager designees
The following accounts may have read and execute, or read permissions:
Non Web Manager Administrators
ALL APPLICATION PACKAGES (built-in security group)
SYSTEM
Users
Specific users may be granted read and execute and read permissions.
Compare the local documentation authorizing specific users, against the users observed when reviewing the groups and users.
If any other access is observed, this is a finding.
M
4000