Detections
Analytics

CIS Exchange 2007 Enterprise Edge Transport 1.1.0

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS Exchange 2007 Enterprise Edge Transport 1.1.0

Updated: 4/2/2021

Authority: CIS

Plugin: Windows

Revision: 1.25

Estimated Item Count: 35

Audit Items

DescriptionCategories
3.1. Installation Host is Not a Domain Controller

CONFIGURATION MANAGEMENT

3.2. Patches and Updates
3.3. Security Configuration Wizard
3.4. Disable Unnecessary Exchange Services and Roles - 'Running Services'

CONFIGURATION MANAGEMENT

3.4. Disable Unnecessary Exchange Services and Roles - 'Server Roles'
4.1. Audit Administrative Access to Exchange
4.2. Ensure Fatal Error Reporting = Disabled

SYSTEM AND INFORMATION INTEGRITY

5.1. Restrict Accepted Domains = Authoritative Domain
5.2. Mail Routing Options = Authorized Smart Hosts
5.3. Audit Send Connector Address Space = approved address spaces
5.4. Enable TLS for Smart Host Basic Authentication = Basic Auth require TLS
5.5. Specify Block List Service Provider = at least Filter known hostile email providers
5.6. Specify Allow List Service Provider = set to your organization's security policy
5.7. Filter Recipients Who Are Not in Directory = Do not filter
5.8. Filter Recipients = Ensure the list is configured correctly
5.9. Filter Senders = Ensure the list is configured correctly
5.10. Filter Blank Senders = Enabled/True
5.11. Filter Custom Words = correct words are configured to list
5.12. Filter Attachment extensions = your organization is filtering all required attachments correctly
5.13. Configure Allowed IPs = configured to your organization's security policy
5.14. Enable TLS for Basic Authentication
5.15. Restrict Mail Send Size - 'SendConnector MaxMessageSize <= 20Mb'
5.15. Restrict Mail Send Size - 'TransportConfig MaxSendSize <= 20Mb'
5.16. Restrict Mail Receive Size - 'ReceiveConnector MaxMessageSize <= 10Mb'
5.16. Restrict Mail Receive Size - 'TransportConfig MaxReceiveSize <= 10Mb'
5.16. Restrict Mail Receive Size - 'TransportServer ExternalDsnMaxMessageAttachSize <= 10Mb'
5.16. Restrict Mail Receive Size - 'TransportServer InternalDsnMaxMessageAttachSize <= 10Mb'
5.17. Restrict Max Recipients - 'ReceiveConnector MaxRecipientsPerMessage <= 100'
5.18. Restrict IP Range For Receive Connectors
5.18. Restrict IP Range For Receive Connectors = Your organization's security policy
5.19. Ensure Sender Reputation is Enabled
10.1. Configure Monitoring
10.2. Install Anti-Virus Software
10.3. Security Configuration Wizard
CIS_v1.1.0_MS_Exchange_2007_Edge_Transport.audit