STIGQter: STIG Summary: Voice Video Services Policy Security Technical Implementation Guide Version: 3 Release: 17 Benchmark Date: 25 Oct 2019:

The Unified Mail system and/or server must implement applicable SRG and/or STIG guidance.

DISA Rule

SV-8740r2_rule

Vulnerability Number

V-8254

Group Title

VVoIP 1045

Rule Version

VVoIP 1045

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Ensure Unified Mail systems and servers are secured using the appropriate (e.g., application, web server, database, OS) SRGs and STIGs.

Check Contents

Review the site documentation to confirm all Unified Mail systems and servers implement the appropriate SRGs and STIGs. The server OS must be assessed using the Windows, Linux, or other appropriate STIG. The application and supporting services must be assessed using the appropriate (e.g., application, web server, database) SRGs and STIGs.

If the Unified Mail systems and servers are not assessed using the appropriate SRGs and STIGs, this is a finding.

Vulnerability Number

V-8254

Documentable

False

Rule Version

VVoIP 1045

Severity Override Guidance

Review the site documentation to confirm all Unified Mail systems and servers implement the appropriate SRGs and STIGs. The server OS must be assessed using the Windows, Linux, or other appropriate STIG. The application and supporting services must be assessed using the appropriate (e.g., application, web server, database) SRGs and STIGs.

If the Unified Mail systems and servers are not assessed using the appropriate SRGs and STIGs, this is a finding.

Check Content Reference

M

Target Key

594

Comments