DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v1r3.audit from DISA MS Exchange 2013 Client Access Server v1r3 STIG

800-53|SI-2

EX13-CA-000005 - Exchange must use Encryption for RPC client access.

800-53|SC-13

CAT|II

CCI|CCI-000068

Rule-ID|SV-84337r1_rule

STIG-ID|EX13-CA-000005

Vuln-ID|V-69715

EX13-CA-000010 - Exchange must use Encryption for OWA access.

Rule-ID|SV-84339r2_rule

STIG-ID|EX13-CA-000010

Vuln-ID|V-69717

EX13-CA-000015 - Exchange must have Forms-based Authentication disabled.

800-53|IA-5(1)

Rule-ID|SV-84341r2_rule

STIG-ID|EX13-CA-000015

Vuln-ID|V-69719

EX13-CA-000020 - Exchange must have authenticated access set to Integrated Windows Authentication only.

CCI|CCI-000213

Rule-ID|SV-84343r1_rule

STIG-ID|EX13-CA-000020

Vuln-ID|V-69721

EX13-CA-000025 - Exchange must have Administrator audit logging enabled.

800-53|AU-12

CCI|CCI-001403

Rule-ID|SV-84345r1_rule

STIG-ID|EX13-CA-000025

Vuln-ID|V-69723

EX13-CA-000030 - Exchange Servers must use approved DoD certificates.

800-53|SC-17

Rule-ID|SV-84347r1_rule

STIG-ID|EX13-CA-000030

Vuln-ID|V-69725

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - BasicAuthEnabled

Rule-ID|SV-84349r1_rule

STIG-ID|EX13-CA-000035

Vuln-ID|V-69727

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ClientCertAuth

800-53|IA-3(1)

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ExternalAuthenticationMethods

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - InternalAuthenticationMethods

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WebSiteSSLEnabled

EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WindowsAuthEnabled

EX13-CA-000040 - Exchange must have IIS map client certificates to an approved certificate server.

Rule-ID|SV-84351r1_rule

STIG-ID|EX13-CA-000040

Vuln-ID|V-69729

EX13-CA-000045 - Exchange Email Diagnostic log level must be set to lowest level.

800-53|CM-6

CCI|CCI-000169

Rule-ID|SV-84353r1_rule

STIG-ID|EX13-CA-000045

Vuln-ID|V-69731

EX13-CA-000050 - Exchange must have Audit record parameters set.

800-53|AU-3

CAT|III

Rule-ID|SV-84355r1_rule

STIG-ID|EX13-CA-000050

Vuln-ID|V-69733

EX13-CA-000055 - Exchange must have Queue monitoring configured with threshold and action.

CCI|CCI-000154

Rule-ID|SV-84357r1_rule

STIG-ID|EX13-CA-000055

Vuln-ID|V-69735

EX13-CA-000060 - Exchange must have Send Fatal Errors to Microsoft disabled.

CCI|CCI-000381

Rule-ID|SV-84359r1_rule

STIG-ID|EX13-CA-000060

Vuln-ID|V-69737

EX13-CA-000065 - Exchange must have Audit data protected against unauthorized read access.

CCI|CCI-000162

Rule-ID|SV-84361r1_rule

STIG-ID|EX13-CA-000065

Vuln-ID|V-69739

EX13-CA-000070 - Exchange must not send Customer Experience reports to Microsoft.

Rule-ID|SV-84363r1_rule

STIG-ID|EX13-CA-000070

Vuln-ID|V-69741

EX13-CA-000075 - Exchange must have Audit data protected against unauthorized modification.

CCI|CCI-000163

Rule-ID|SV-84365r1_rule

STIG-ID|EX13-CA-000075

Vuln-ID|V-69743

EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion.

CCI|CCI-000164

Rule-ID|SV-84367r1_rule

STIG-ID|EX13-CA-000080

Vuln-ID|V-69745

EX13-CA-000085 - Exchange must have Audit data on separate partitions.

CCI|CCI-001348

Rule-ID|SV-84369r1_rule

STIG-ID|EX13-CA-000085

Vuln-ID|V-69747

EX13-CA-000090 - Exchange Local machine policy must require signed scripts.

800-53|CM-7(5)

CCI|CCI-001749

Rule-ID|SV-84373r1_rule

STIG-ID|EX13-CA-000090

Vuln-ID|V-69751

EX13-CA-000095 - Exchange IMAP4 service must be disabled.

800-53|CM-7

Rule-ID|SV-84375r1_rule

STIG-ID|EX13-CA-000095

Vuln-ID|V-69753

EX13-CA-000100 - Exchange POP3 service must be disabled.

Rule-ID|SV-84377r1_rule

STIG-ID|EX13-CA-000100

Vuln-ID|V-69755

EX13-CA-000105 - Exchange must have the Public Folder virtual directory removed if not in use by the site.

Rule-ID|SV-84379r1_rule

STIG-ID|EX13-CA-000105

Vuln-ID|V-69757

EX13-CA-000110 - Exchange must have the Microsoft Active Sync directory removed.

Rule-ID|SV-84381r1_rule

STIG-ID|EX13-CA-000110

Vuln-ID|V-69759

EX13-CA-000115 - Exchange application directory must be protected from unauthorized access.

CCI|CCI-001812

Rule-ID|SV-84383r1_rule

STIG-ID|EX13-CA-000115

Vuln-ID|V-69761

EX13-CA-000120 - Exchange software baseline copy must exist.

CCI|CCI-001813

Rule-ID|SV-84385r1_rule

STIG-ID|EX13-CA-000120

Vuln-ID|V-69763

EX13-CA-000125 - Exchange software must be monitored for unauthorized changes.

CCI|CCI-001814

Rule-ID|SV-84387r1_rule

STIG-ID|EX13-CA-000125

Vuln-ID|V-69765

EX13-CA-000130 - Exchange services must be documented and unnecessary services must be removed or disabled.

CCI|CCI-001762

Rule-ID|SV-84389r1_rule

STIG-ID|EX13-CA-000130

Vuln-ID|V-69767

EX13-CA-000135 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.

CCI|CCI-001953

Rule-ID|SV-84391r1_rule

STIG-ID|EX13-CA-000135

Vuln-ID|V-69769

EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS.

CCI|CCI-002530

Rule-ID|SV-84393r1_rule

STIG-ID|EX13-CA-000140

Vuln-ID|V-69771

EX13-CA-000145 - Exchange must provide redundancy.

800-53|SC-5(2)

CCI|CCI-002385

Rule-ID|SV-84395r1_rule

STIG-ID|EX13-CA-000145

Vuln-ID|V-69773

EX13-CA-000150 - Exchange OWA must use https - External

CAT|I

CCI|CCI-002418

Rule-ID|SV-84397r2_rule

STIG-ID|EX13-CA-000150

Vuln-ID|V-69775

EX13-CA-000150 - Exchange OWA must use https - Internal

EX13-CA-000155 - Exchange OWA must have S/MIME Certificates enabled.

CCI|CCI-002421

Rule-ID|SV-84399r1_rule

STIG-ID|EX13-CA-000155

Vuln-ID|V-69777

EX13-CA-000160 - Exchange must have the most current, approved service pack installed.

CCI|CCI-002605

Rule-ID|SV-84401r1_rule

STIG-ID|EX13-CA-000160

Vuln-ID|V-69779

EX13-CA-000165 - Exchange must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.

Detections

Analytics

DISA Microsoft Exchange 2013 Client Access Server STIG v1r3

Warning! Audit Deprecated

Audit Details

Audit Changelog

Revision 1.9

Miscellaneous

Revision 1.8

Miscellaneous

Revision 1.7

Miscellaneous

Revision 1.6

Miscellaneous

Revision 1.5

Informational Update

Miscellaneous

Revision 1.4

Miscellaneous

Revision 1.3

Miscellaneous

Revision 1.2

Miscellaneous

Revision 1.1

Miscellaneous


Revision 1.9 Jun 1, 2022 Miscellaneous Audit deprecated. Metadata updated. References updated.
Revision 1.8 Apr 25, 2022 Miscellaneous Metadata updated. References updated.
Revision 1.7 Jul 30, 2021 Miscellaneous Metadata updated. References updated.
Revision 1.6 Jun 17, 2021 Miscellaneous Metadata updated.
Revision 1.5 May 5, 2021 Informational Update EX13-CA-000150 - Exchange OWA must use https - External EX13-CA-000150 - Exchange OWA must use https - Internal Miscellaneous Metadata updated. See also link updated.
Revision 1.4 Mar 18, 2021 Miscellaneous Metadata updated. References updated.
Revision 1.3 Sep 29, 2020 Miscellaneous References updated.
Revision 1.2 Jul 14, 2020 Miscellaneous Metadata updated.
Revision 1.1 Apr 22, 2020 Miscellaneous References updated.