DISA STIG IIS 6.0 Site Checklist v6r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: DISA STIG IIS 6.0 Site Checklist v6r1

Updated: 3/9/2017

Authority: DISA STIG

Plugin: Windows

Revision: 1.22

Estimated Item Count: 100

File Details

Filename: DISA_IIS_6_Site.audit

Size: 177 kB

MD5: 07a1a4e48ac059f411b33fb70eac49d1
SHA256: bb3bbd1cc6336df6f2d179d7e05dc19c17f0060d50c6d82e1c68c93c0ec3ca2f

Audit Items

Description | Categories
WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - '.asa'

ACCESS CONTROL

WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - '.asax'

ACCESS CONTROL

WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - '.inc file permissions'

ACCESS CONTROL

WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - '.inc'

ACCESS CONTROL

WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - 'global.asa'

ACCESS CONTROL

WA000-WI030 - The IUSR_machinename account has read access to the .inc files or their equivalent. - 'global.asax'

ACCESS CONTROL

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - '.bat mappings'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - '.cmd mappings'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - '.HTR scripting Disallowed'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - 'Allowed Web Service Extensions'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - 'Index Server Web Interface Disallowed'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - 'Internet Data Connector Disallowed'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - 'Internet Printing Disallowed'

CONFIGURATION MANAGEMENT

WA000-WI050 - Unused and vulnerable script mappings in IIS are not removed or set to the 404.dll - 'Server Side Includes Disallowed'

CONFIGURATION MANAGEMENT

WA000-WI070 - Content Index Service indexes directories, other than web document directories.

CONFIGURATION MANAGEMENT

WA000-WI090 - Directory Browsing is not disabled.

CONFIGURATION MANAGEMENT

WA000-WI092 - The IIS Web site permissions 'Write' or 'Script Source' Access are selected - 'Script Source permission check'

ACCESS CONTROL

WA000-WI092 - The IIS Web site permissions 'Write' or 'Script Source' Access are selected - 'Write permission check'

ACCESS CONTROL

WA000-WI120 - The Content Location header contains proprietary IP addresses.

CONFIGURATION MANAGEMENT

WA000-WI6010 - Application pools are not used to isolate Web Applications.

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6020 - The Recycle Worker processes in minutes monitor is not enabled or set properly.

CONFIGURATION MANAGEMENT

WA000-WI6022 - The Recycle worker processes in number of requests monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6024 - The Maximum virtual memory monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6026 - The Maximum used memory monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6028 - The Shutdown worker processes Idle Timeout monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6030 - The Limit the kernel request queue monitor is not enabled

CONFIGURATION MANAGEMENT

WA000-WI6032 - The Enabled pinging monitor is not enabled - 'PingingEnabled set to True'

CONFIGURATION MANAGEMENT

WA000-WI6032 - The Enabled pinging monitor is not enabled - 'PingInterval set to 30 or more'

CONFIGURATION MANAGEMENT

WA000-WI6034 - The Enable rapid-fail protection monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6036 - The Enable rapid-fail time period monitor is not enabled.

CONFIGURATION MANAGEMENT

WA000-WI6040 - A non-privileged account is not used to run Worker Process Identities. - 'AppPoolIdentityType = 3 - WAMUserName'

ACCESS CONTROL

WA000-WI6040 - A non-privileged account is not used to run Worker Process Identities. - 'AppPoolIdentityType Check'

ACCESS CONTROL

WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebDirectorySetting'

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebFileSetting'

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebServerSetting'

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebServiceSetting'

SYSTEM AND COMMUNICATIONS PROTECTION

WA000-WI6098 - The MaxRequestEntityAllowed metabase value is not defined - 'IisWebVirtualDirSetting'

SYSTEM AND COMMUNICATIONS PROTECTION

WA025 - Web content classification or sensitivity level has not been documented by proper authorities and labeling is not present
WA030 - Web content is not reviewed and approved by proper authorities prior to posting to a production web server.
WA032 - The Web Manager will ensure all interactive (CGI) programs used on the web server are documented.
WA130 - Scripts are not reviewed by a CCB or technical group and installation of scripts on the web server is not controlled.
WA150 - Web applications or servers, do not require web users to have a user ID and password that provide access only to the web content.
WG110 - The number of simultaneous requests is not limited for this web site.

ACCESS CONTROL

WG140 - A private web server does not require subscriber certificates as an access control mechanism. - 'AccessSSL Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

WG140 - A private web server does not require subscriber certificates as an access control mechanism. - 'AccessSSLRequireCert Enabled'

SYSTEM AND COMMUNICATIONS PROTECTION

WG145 - The private web server does not use an approved DoD certificate validation process. - 'Check W3SVC CertCheckMode'

IDENTIFICATION AND AUTHENTICATION

WG145 - The private web server does not use an approved DoD certificate validation process. - 'Check W3SVC/WEBSITES CertCheckMode'
WG170 - Each readable web document directory does not contain either a default, home, index or equivalent file 'DefaultDoc'

CONFIGURATION MANAGEMENT

WG170 - Each readable web document directory does not contain either a default, home, index or equivalent file 'EnableDefaultDoc set to True'

CONFIGURATION MANAGEMENT

WG205 - The web document (home) directory is not in a separate partition from the web servers system files.

CONFIGURATION MANAGEMENT