STIGQter: STIG Summary: MS Exchange 2013 Edge Transport Server Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Apr 2019:

The Exchange software baseline copy must exist.

DISA Rule

SV-84535r1_rule

Vulnerability Number

V-69913

Group Title

SRG-APP-000380

Rule Version

EX13-EG-000295

Severity

CAT II

CCI(s)

• CCI-001813 - The information system enforces access restrictions.

Weight

10

Fix Recommendation

Implement an email software baseline process and update the EDSP.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine the baseline documentation.

Review the application software baseline procedures and implementation artifacts.

Note the list of files and directories included in the baseline procedure for completeness.

If an email software copy exists to serve as a baseline and is available for comparison during scanning efforts, this is not a finding.

Vulnerability Number

V-69913

Documentable

False

Rule Version

EX13-EG-000295

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine the baseline documentation.

Review the application software baseline procedures and implementation artifacts.

Note the list of files and directories included in the baseline procedure for completeness.

If an email software copy exists to serve as a baseline and is available for comparison during scanning efforts, this is not a finding.

Check Content Reference

M

Target Key

3099

Comments