STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The application must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

DISA Rule

SV-228412r612748_rule

Vulnerability Number

V-228412

Group Title

SRG-APP-000516

Rule Version

EX16-MB-002870

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure web ports to be ports 80 and 443, as specified by PPSM standards.

Check Contents

Open a Windows PowerShell Module and enter the following commands: 

Get-Website | Select Name

Get-WebBinding -Name <'WebSiteName'> | Format-List

If the Web binding values returned are not on standard port 80 for HTTP connections or port 443 for HTTPS connections, this is a finding.

Note: This is excluding the Exchange Back End website which uses 81/444.

Repeat the process for each website.

Vulnerability Number

V-228412

Documentable

False

Rule Version

EX16-MB-002870

Severity Override Guidance

Open a Windows PowerShell Module and enter the following commands: 

Get-Website | Select Name

Get-WebBinding -Name <'WebSiteName'> | Format-List

If the Web binding values returned are not on standard port 80 for HTTP connections or port 443 for HTTPS connections, this is a finding.

Note: This is excluding the Exchange Back End website which uses 81/444.

Repeat the process for each website.

Check Content Reference

M

Target Key

4223

Comments