CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0

Audit Details

Name: CIS Microsoft Exchange Server 2019 L1 Mailbox v1.0.0

Updated: 6/17/2024

Authority: CIS

Plugin: Windows

Revision: 1.1

Estimated Item Count: 31

File Details

Filename: CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Mailbox.audit

Size: 73.7 kB

MD5: eab9fc756bc12135150be7580eae2b5c
SHA256: 7c624fe5f9ef058a79fb8578fb81be144c0b0d8a2118f6c4d4984e37539eafc1

Audit Items

DescriptionCategories
2.1.1 Ensure 'Mailbox quotas: Issue warning at' is set to ''

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.2 Ensure 'Retain deleted items for the specified number of days' is set to '14'

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

2.1.3 Ensure 'Mailbox quotas: Prohibit send and receive at' is set to ''

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.4 Ensure 'Mailbox quotas: Prohibit send at' is set to ''

SYSTEM AND COMMUNICATIONS PROTECTION

2.1.5 Ensure 'Keep deleted mailboxes for the specified number of days' is set to '30'

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

2.1.6 Ensure 'Do not permanently delete items until the database has been backed up' is set to 'True'

AUDIT AND ACCOUNTABILITY, SYSTEM AND INFORMATION INTEGRITY

2.2.1 Ensure 'Transport Pickup Directory Path' is not set

CONFIGURATION MANAGEMENT

2.2.2 Ensure 'Maximum send size: Organization level' is set to '25'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.3 Ensure 'Maximum receive size: Organization level' is set to '25'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.4 Ensure 'Maximum send size: Connector level' is set to '25'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.5 Ensure 'Maximum receive size: Connector level' is set to '25'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.6 Ensure 'Send connector timeout' is set to '10'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.7 Ensure 'Receive connector timeout' is set to '5'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.8 Ensure 'External send connector authentication: DNS routing' is set to 'True'

SYSTEM AND COMMUNICATIONS PROTECTION

2.2.9 Ensure 'External send connector authentication: IgnoreStartTLS' is set to 'False'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.2.10 Ensure 'External send connector authentication: Domain security' is set to 'True'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.3 Ensure 'Enable automatic replies to remote domains' is set to 'False'

CONFIGURATION MANAGEMENT

2.3.4 Ensure 'Enable automatic forwards to remote domains' is set to 'False'

CONFIGURATION MANAGEMENT

2.3.5 Ensure 'Enable S/MIME for OWA' is set to 'True'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.3.6 Ensure 'Require client MAPI encryption' is set to 'True'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.1 Ensure 'POP3' Windows services are 'Disabled'

CONFIGURATION MANAGEMENT

2.4.2 Ensure 'IMAP4' Windows services are 'Disabled'

CONFIGURATION MANAGEMENT

2.4.3 Ensure 'Receive connector' is set to 'TLS'

ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

2.4.5 Ensure 'SMTP automated banner response' is set to '220 SMTP Server Ready'

CONFIGURATION MANAGEMENT

4.1 Ensure 'Receive connector: Configure protocol logging' is set to 'Verbose'

AUDIT AND ACCOUNTABILITY

4.2 Ensure 'Turn on administrator audit logging' is set to ''

AUDIT AND ACCOUNTABILITY

4.3 Ensure 'Turn on connectivity logging' is set to 'True'

AUDIT AND ACCOUNTABILITY

4.4 Ensure 'Send connector: Configure protocol logging' is set to 'Verbose'

AUDIT AND ACCOUNTABILITY

4.5 Ensure 'Message tracking logging' is set to 'True'

AUDIT AND ACCOUNTABILITY

Authentication Failure
CIS_Microsoft_Exchange_Server_2019_v1.0.0_Level_1_Mailbox.audit from CIS Microsoft Exchange Server 2019 Benchmark v1.0.0

SYSTEM AND INFORMATION INTEGRITY