STIGQter: STIG Summary:| Checked | Name | Title |
|---|---|---|
| ☐ | SV-43979r1_rule | Encryption must be used for RPC client access. |
| ☐ | SV-43982r1_rule | The Microsoft Exchange IMAP4 service must be disabled. |
| ☐ | SV-43990r1_rule | The Microsoft Exchange POP3 service must be disabled. |
| ☐ | SV-43991r1_rule | The Public Folder virtual directory must be removed if not in use by the site. |
| ☐ | SV-44003r1_rule | Web email must use standard ports protocols. |
| ☐ | SV-44005r3_rule | Encryption must be used for OWA access. |
| ☐ | SV-44008r1_rule | Forms-based Authentication must not be enabled. |
| ☐ | SV-44026r2_rule | Email Diagnostic log level must be set to low or lowest level. |
| ☐ | SV-44027r2_rule | Outlook Anywhere (OA) clients must use NTLM authentication to access email. |
| ☐ | SV-44028r2_rule | The Send Fatal Errors to Microsoft must be disabled. |
| ☐ | SV-44029r2_rule | Administrator audit logging must be enabled. |
| ☐ | SV-44030r1_rule | The Microsoft Active Sync directory must be removed. |
| ☐ | SV-44031r1_rule | Audit data must be protected against unauthorized access. |
| ☐ | SV-44033r1_rule | Exchange application directory must be protected from unauthorized access. |
| ☐ | SV-44036r1_rule | Exchange must not send Customer Experience reports to Microsoft. |
| ☐ | SV-44037r2_rule | Audit record parameters must be set. |
| ☐ | SV-44038r1_rule | Audit data must be on separate partitions. |
| ☐ | SV-44039r3_rule | Queue monitoring must be configured with threshold and action. |
| ☐ | SV-44040r1_rule | Email software must be monitored for change on INFOCON frequency schedule. |
| ☐ | SV-44041r1_rule | Exchange software baseline copy must exist. |
| ☐ | SV-44043r2_rule | Services must be documented and unnecessary services must be removed or disabled. |
| ☐ | SV-44045r2_rule | Email application must not share a partition with another application. |
| ☐ | SV-44046r2_rule | Servers must use approved DoD certificates. |
| ☐ | SV-44049r3_rule | The current, approved service pack must be installed. |
| ☐ | SV-44052r1_rule | Local machine policy must require signed scripts. |
| ☐ | SV-44065r2_rule | HTTP authenticated access must be set to Integrated Windows Authentication only. |
| ☐ | SV-50983r2_rule | Exchange ActiveSync (EAS) must only use certificate-based authentication to access email. |
| ☐ | SV-50988r2_rule | IIS must map client certificates to an approved certificate server |