Detections
Analytics

DISA IIS 10.0 Server v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA IIS 10.0 Server v2r1

Updated: 5/17/2022

Authority: Operating Systems and Applications

Plugin: Windows

Revision: 1.10

Estimated Item Count: 83

Audit Changelog

 
Revision 1.10

May 17, 2022

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.9

Apr 25, 2022

Miscellaneous
  • References updated.
Revision 1.8

Mar 10, 2022

Functional Update
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Date
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field IP
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Method
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Query
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Referer
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Status
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field Time
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Field User
  • IIST-SV-000102 - The enhanced logging for the IIS 10.0 web server must be enabled and capture all user and web server events - Format W3C
  • IIST-SV-000103 - Both the log file and Event Tracing for Windows (ETW) for the IIS 10.0 web server must be enabled.
  • IIST-SV-000110 - The IIS 10.0 web server must produce log records that contain sufficient information to establish the outcome (success or failure) of IIS 10.0 web server events - Connection
  • IIST-SV-000110 - The IIS 10.0 web server must produce log records that contain sufficient information to establish the outcome (success or failure) of IIS 10.0 web server events - Warning
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - Custom Authorization
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - Custom Content-Type
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - Referer
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - User Name
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - UserAgent
Miscellaneous
  • Metadata updated.
Added
  • IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information.
  • IIST-SV-000215 - ASP.NET version must be removed from the HTTP Response Header information.
Revision 1.7

Dec 23, 2021

Functional Update
  • IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.2
Revision 1.6

Sep 14, 2021

Functional Update
  • IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.1
  • IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.2
Added
  • IIST-SV-000153 - An IIS 10.0 web server must maintain the confidentiality of controlled information during transmission through the use of an approved Transport Layer Security (TLS) version - TLS 1.1 Enabled
Revision 1.5

Aug 5, 2021

Removed
  • IIST-SV-000111 - The IIS 10.0 web server must produce log records containing sufficient information to establish the identity of any user/subject or process associated with an event - Custom User-Agent
Revision 1.4

Jul 30, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.3

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Mar 18, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.1

Dec 9, 2020

Miscellaneous
  • Platform check updated.