STIGQter: STIG Summary: MS Exchange 2013 Client Access Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

Exchange must have Queue monitoring configured with threshold and action.

DISA Rule

SV-84357r1_rule

Vulnerability Number

V-69735

Group Title

SRG-APP-000111

Rule Version

EX13-CA-000055

Severity

CAT II

CCI(s)

• CCI-000154 - The information system provides the capability to centrally review and analyze audit records from multiple components within the system.

Weight

10

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

perfmon

In the left pane, navigate to and select Performance >> Data Collector Sets >> User Defined.

Right-click, navigate to, and configure User Defined >> New >> Data Collector Set to use user-defined data collection for monitoring the queues.

Check Contents

Note: If a third-party application is performing monitoring functions, the reviewer should verify the application is monitoring correctly and mark the vulnerability not applicable.

Open the Exchange Management Shell and enter the following command:

perfmon

In the left pane, expand and navigate Performance >> Data Collector Sets >> User Defined.

If no sets are defined or queues are not being monitored, this is a finding.

Vulnerability Number

V-69735

Documentable

False

Rule Version

EX13-CA-000055

Severity Override Guidance

Note: If a third-party application is performing monitoring functions, the reviewer should verify the application is monitoring correctly and mark the vulnerability not applicable.

Open the Exchange Management Shell and enter the following command:

perfmon

In the left pane, expand and navigate Performance >> Data Collector Sets >> User Defined.

If no sets are defined or queues are not being monitored, this is a finding.

Check Content Reference

M

Target Key

3097

Comments