STIGQter: STIG Summary: MS Exchange 2010 Edge Transport Server STIG Version: 1 Release: 15 Benchmark Date: 26 Apr 2019:

Email application must not share a partition with another application.

DISA Rule

SV-44045r3_rule

Vulnerability Number

V-33625

Group Title

Exch-3-807

Rule Version

Exch-3-807

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Install Exchange on a dedicated application partition separate than that of the OS.

Check Contents

Access Windows Explorer and identify the OS partition. Navigate to configured partitions, and access the ‘Program Files’ directory.

Make note of the installation partition for Microsoft Exchange.

If Microsoft Exchange resides on a partition other than that of the OS, and does not have other applications installed, this is not a finding.
Note: In the case where additional applications are installed on the same partition as Microsoft Exchange, and each of those additional applications have been documented and had a risk assessment completed by the ISSO/ISSM, this is not a finding.

Vulnerability Number

V-33625

Documentable

False

Rule Version

Exch-3-807

Severity Override Guidance

Access Windows Explorer and identify the OS partition. Navigate to configured partitions, and access the ‘Program Files’ directory.

Make note of the installation partition for Microsoft Exchange.

If Microsoft Exchange resides on a partition other than that of the OS, and does not have other applications installed, this is not a finding.
Note: In the case where additional applications are installed on the same partition as Microsoft Exchange, and each of those additional applications have been documented and had a risk assessment completed by the ISSO/ISSM, this is not a finding.

Check Content Reference

M

Target Key

1995

Comments