STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Exchange Mailbox databases must reside on a dedicated partition.

DISA Rule

SV-228373r612748_rule

Vulnerability Number

V-228373

Group Title

SRG-APP-000211

Rule Version

EX16-MB-000200

Severity

CAT II

CCI(s)

• CCI-001082 - The information system separates user functionality (including user interface services) from information system management functionality.

Weight

10

Fix Recommendation

Update the EDSP to specify the location where the Exchange Mailbox databases reside or verify that this information is documented by the organization.

Configure the mailbox databases on a dedicated partition.

Check Contents

Review the Email Domain Security Plan (EDSP) or document that contains this information.

Determine the location where the Exchange Mailbox databases reside.

Open the Exchange Management Shell and enter the following command:

Get-MailboxDatabase | Select Name, Identity, EdbFilePath

Open Windows Explorer, navigate to the mailbox databases, and verify they are on a dedicated partition.

If the mailbox databases are not on a dedicated partition, this is a finding.

Vulnerability Number

V-228373

Documentable

False

Rule Version

EX16-MB-000200

Severity Override Guidance

Review the Email Domain Security Plan (EDSP) or document that contains this information.

Determine the location where the Exchange Mailbox databases reside.

Open the Exchange Management Shell and enter the following command:

Get-MailboxDatabase | Select Name, Identity, EdbFilePath

Open Windows Explorer, navigate to the mailbox databases, and verify they are on a dedicated partition.

If the mailbox databases are not on a dedicated partition, this is a finding.

Check Content Reference

M

Target Key

4223

Comments