800-53|SI-8

Title

SPAM PROTECTION

Description

The organization:

Supplemental

Information system entry and exit points include, for example, firewalls, electronic mail servers, web servers, proxy servers, remote-access servers, workstations, mobile devices, and notebook/laptop computers. Spam can be transported by different means including, for example, electronic mail, electronic mail attachments, and web accesses. Spam protection mechanisms include, for example, signature definitions.

Reference Item Details

Related: AT-2,AT-3,SC-5,SC-7,SI-3

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Priority: P2

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1.1.4 Ensure mounting of freevxfs filesystems is disabledUnixCIS Amazon Linux 2023 v1.0.0 L1 Server
1.1.4.1.3 Ensure 'Consistent Mime Handling' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
1.1.4.1.12 Ensure 'Restrict File Download' is set to 'Enabled'WindowsCIS Microsoft Office Enterprise v1.2.0 L1
1.1.18.10 (L1) Ensure 'security.mixed_content.block_active_content' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.22.1 (L1) Ensure 'Cryptomining' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.22.3 (L1) Ensure 'Email Tracking' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.1.22.5 (L1) Ensure 'Fingerprinting' is set to 'Enabled'WindowsCIS Mozilla Firefox ESR GPO v1.0.0 L1
1.2.5.1.3 (L1) Ensure 'Consistent Mime Handling' is set to 'Enabled'WindowsCIS Microsoft Intune for Office v1.1.0 L1
1.2.5.1.12 (L1) Ensure 'Restrict File Download' is set to 'Enabled'WindowsCIS Microsoft Intune for Office v1.1.0 L1
1.7 Ensure 'Nonexistent recipients' is set to 'True'WindowsCIS Microsoft Exchange Server 2019 L1 Edge v1.0.0
1.8 Ensure 'Attachment Filtering Agent' is configuredWindowsCIS Microsoft Exchange Server 2019 L1 Edge v1.0.0
1.11 Ensure 'Exchange recipient filter' is set to 'True'WindowsCIS Microsoft Exchange Server 2019 L1 Edge v1.0.0
1.19 (L1) Ensure 'Enable third party software injection blocking' is set to 'Enabled'WindowsCIS Google Chrome L1 v3.0.0
1.21 (L1) Ensure 'Ephemeral profile' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.22 (L1) Ensure 'Import autofill form data from default browser on first run' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.23 (L1) Ensure 'Import of homepage from default browser on first run' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.24 (L1) Ensure 'Import search engines from default browser on first run' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.29 (L1) Ensure 'URLs for which local IPs are exposed in WebRTC ICE candidates' is set to 'Disabled'WindowsCIS Google Chrome L1 v3.0.0
1.32 EX19-ED-000122WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.33 EX19-ED-000123WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.34 EX19-ED-000124WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.35 EX19-ED-000125WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.36 EX19-ED-000126WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.37 EX19-ED-000127WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.38 EX19-ED-000128WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.39 EX19-ED-000129WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.40 EX19-ED-000131WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.41 EX19-ED-000130WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.42 EX19-ED-000132WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.42 EX19-MB-000134WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT I
1.43 EX19-ED-000133WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.43 EX19-MB-000135WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.44 EX19-ED-000134WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.44 EX19-MB-000137WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.45 EX19-ED-000135WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.45 EX19-MB-000136WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.46 EX19-ED-000136WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.46 EX19-MB-000138WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.47 EX19-ED-000137WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.47 EX19-MB-000139WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.48 EX19-ED-000138WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.48 EX19-MB-000140WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT II
1.49 EX19-ED-000139WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.49 EX19-MB-000142WindowsCIS Microsoft Exchange 2019 Mailbox Server STIG v1.0.0 CAT III
1.50 EX19-ED-000140WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.51 EX19-ED-000141WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.52 EX19-ED-000142WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.53 EX19-ED-000143WindowsCIS Microsoft Exchange 2019 Edge Server STIG v1.0.0 CAT II
1.85 (L1) Ensure 'DNS interception checks enabled' is set to 'Enabled'WindowsCIS Microsoft Intune for Edge v1.0.0 L1
1.86 (L1) Ensure 'DNS interception checks enabled' is set to 'Enabled'WindowsCIS Microsoft Edge v4.0.0 L1