STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

A secondary SharePoint site collection administrator must be defined when creating a new site collection.

DISA Rule

SV-223272r612235_rule

Vulnerability Number

V-223272

Group Title

SRG-APP-000516

Rule Version

SP13-00-000185

Severity

CAT III

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure a secondary SharePoint site collection administrator when creating a new site collection.

Log on to SharePoint Central Administration as a member of the Farm Administration Group.

Click on "Application Management".

Select "Site Collections" >> Change Site Collections Administrator.

For each site, define a Secondary Site Collection Administrator.

Select "OK".

Check Contents

Review the SharePoint server to ensure a secondary site collection administrator is defined when creating a new site collection.

Log on to SharePoint Central Administration as a member of the Farm Administration Group.

Click on "Application Management".

Select "Site Collections" >> Change Site Collections Administrator.

For each Site Collections, review Secondary Site Collection Administrator.

If Secondary Site Collection Administrator is not defined, this is a finding.

Vulnerability Number

V-223272

Documentable

False

Rule Version

SP13-00-000185

Severity Override Guidance

Review the SharePoint server to ensure a secondary site collection administrator is defined when creating a new site collection.

Log on to SharePoint Central Administration as a member of the Farm Administration Group.

Click on "Application Management".

Select "Site Collections" >> Change Site Collections Administrator.

For each Site Collections, review Secondary Site Collection Administrator.

If Secondary Site Collection Administrator is not defined, this is a finding.

Check Content Reference

M

Target Key

4096

Comments