STIGQter: STIG Summary: MS Exchange 2013 Client Access Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

Exchange OWA must have S/MIME Certificates enabled.

DISA Rule

SV-84399r1_rule

Vulnerability Number

V-69777

Group Title

SRG-APP-000440

Rule Version

EX13-CA-000155

Severity

CAT II

CCI(s)

CCI-002421 - The information system implements cryptographic mechanisms to prevent unauthorized disclosure of information and/or detect changes to information during transmission unless otherwise protected by organization-defined alternative physical safeguards.

Weight

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

Set-OWAVirtualDirectory -Identity '<IdentityName>\owa (Default Web Site)' -SmimeEnabled $true

Note: The <ServerName>\owa (Default Web Site) value must be in quotes.

Check Contents

Open the Exchange Management Shell and enter the following command:

Get-OWAVirtualDirectory | Select Name, Identity, SmimeEnabled

If the value returned is not set to True, this is a finding.

Vulnerability Number

V-69777

Documentable

False

Rule Version

EX13-CA-000155

Severity Override Guidance

Open the Exchange Management Shell and enter the following command:

Get-OWAVirtualDirectory | Select Name, Identity, SmimeEnabled

If the value returned is not set to True, this is a finding.

Check Content Reference

Target Key

3097

Exchange OWA must have S/MIME Certificates enabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments