Detections
Analytics

DISA Microsoft Exchange 2013 Client Access Server STIG v2r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Microsoft Exchange 2013 Client Access Server STIG v2r1

Updated: 8/26/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.5

Estimated Item Count: 41

File Details

Filename: DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v2r1.audit

Size: 81.3 kB

MD5: 4e6431b100835e005f73776d83f0c9a3
SHA256: 8ecd466fa64995c01bfb57e88286fa13ac827cb68cf13d042778aa8a35dca33c

Audit Items

DescriptionCategories
Authentication Failure

ACCESS CONTROL

DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v2r1.audit from DISA Microsoft Exchange 2013 Client Access Server v2r1 STIG

SYSTEM AND INFORMATION INTEGRITY

EX13-CA-000005 - Exchange must use Encryption for RPC client access.
EX13-CA-000010 - Exchange must use Encryption for OWA access.
EX13-CA-000015 - Exchange must have Forms-based Authentication disabled.
EX13-CA-000020 - Exchange must have authenticated access set to Integrated Windows Authentication only.
EX13-CA-000025 - Exchange must have Administrator audit logging enabled.
EX13-CA-000030 - Exchange Servers must use approved DoD certificates.
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - BasicAuthEnabled
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ClientCertAuth
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ExternalAuthenticationMethods
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - InternalAuthenticationMethods
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WebSiteSSLEnabled
EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WindowsAuthEnabled
EX13-CA-000040 - Exchange must have IIS map client certificates to an approved certificate server.
EX13-CA-000045 - Exchange Email Diagnostic log level must be set to lowest level.
EX13-CA-000050 - Exchange must have Audit record parameters set.
EX13-CA-000055 - Exchange must have Queue monitoring configured with threshold and action.
EX13-CA-000060 - Exchange must have Send Fatal Errors to Microsoft disabled.
EX13-CA-000065 - Exchange must have Audit data protected against unauthorized read access.
EX13-CA-000070 - Exchange must not send Customer Experience reports to Microsoft.
EX13-CA-000075 - Exchange must have Audit data protected against unauthorized modification.
EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion.
EX13-CA-000085 - Exchange must have Audit data on separate partitions.
EX13-CA-000090 - Exchange Local machine policy must require signed scripts.
EX13-CA-000095 - Exchange IMAP4 service must be disabled.
EX13-CA-000100 - Exchange POP3 service must be disabled.
EX13-CA-000105 - Exchange must have the Public Folder virtual directory removed if not in use by the site.
EX13-CA-000110 - Exchange must have the Microsoft Active Sync directory removed.
EX13-CA-000115 - Exchange application directory must be protected from unauthorized access.
EX13-CA-000120 - Exchange software baseline copy must exist.
EX13-CA-000125 - Exchange software must be monitored for unauthorized changes.
EX13-CA-000130 - Exchange services must be documented and unnecessary services must be removed or disabled.
EX13-CA-000135 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email.
EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS.
EX13-CA-000145 - Exchange must provide redundancy.
EX13-CA-000150 - Exchange OWA must use https - External
EX13-CA-000150 - Exchange OWA must use https - Internal
EX13-CA-000155 - Exchange OWA must have S/MIME Certificates enabled.
EX13-CA-000160 - Exchange must have the most current, approved service pack installed.
EX13-CA-000165 - Exchange must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs.