STIGQter STIGQter: STIG Summary: MS Exchange 2013 Client Access Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

Exchange services must be documented and unnecessary services must be removed or disabled.

DISA Rule

SV-84389r1_rule

Vulnerability Number

V-69767

Group Title

SRG-APP-000383

Rule Version

EX13-CA-000130

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP with the services required for the system to function.

Remove or disable any services that are not required.

Check Contents

Review the Email Domain Security Plan (EDSP).

Note: Required services will vary between organizations and will vary depending on the role of the individual system. Organizations will develop their own list of services, which will be documented and justified with the ISSO. The site’s list will be provided for any security review. Services that are common to multiple systems can be addressed in one document. Exceptions for individual systems should be identified separately by system.

Open a Windows PowerShell and enter the following command:

Get-Service | Where-Object {$_.status -eq 'running'}

The command returns a list of installed services and the status of that service.

If the site has not documented the services required for its system(s), this is a finding.

If any undocumented or unnecessary services are running, this is a finding.

Vulnerability Number

V-69767

Documentable

False

Rule Version

EX13-CA-000130

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Note: Required services will vary between organizations and will vary depending on the role of the individual system. Organizations will develop their own list of services, which will be documented and justified with the ISSO. The site’s list will be provided for any security review. Services that are common to multiple systems can be addressed in one document. Exceptions for individual systems should be identified separately by system.

Open a Windows PowerShell and enter the following command:

Get-Service | Where-Object {$_.status -eq 'running'}

The command returns a list of installed services and the status of that service.

If the site has not documented the services required for its system(s), this is a finding.

If any undocumented or unnecessary services are running, this is a finding.

Check Content Reference

M

Target Key

3097

Comments