| Authentication Failure | |
| DISA_STIG_Microsoft_Exchange_2013_Client_Access_Server_v2r2.audit from DISA Microsoft Exchange 2013 Client Access Server v2r2 STIG | SYSTEM AND INFORMATION INTEGRITY |
| EX13-CA-000005 - Exchange must use Encryption for RPC client access. | ACCESS CONTROL |
| EX13-CA-000010 - Exchange must use Encryption for OWA access. | ACCESS CONTROL |
| EX13-CA-000015 - Exchange must have Forms-based Authentication disabled. | ACCESS CONTROL |
| EX13-CA-000020 - Exchange must have authenticated access set to Integrated Windows Authentication only. | ACCESS CONTROL |
| EX13-CA-000025 - Exchange must have Administrator audit logging enabled. | ACCESS CONTROL |
| EX13-CA-000030 - Exchange Servers must use approved DoD certificates. | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - BasicAuthEnabled | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ClientCertAuth | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - ExternalAuthenticationMethods | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - InternalAuthenticationMethods | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WebSiteSSLEnabled | ACCESS CONTROL |
| EX13-CA-000035 - Exchange ActiveSync (EAS) must only use certificate-based authentication to access email - WindowsAuthEnabled | ACCESS CONTROL |
| EX13-CA-000040 - Exchange must have IIS map client certificates to an approved certificate server. | ACCESS CONTROL |
| EX13-CA-000045 - Exchange Email Diagnostic log level must be set to lowest level. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000050 - Exchange must have Audit record parameters set. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000055 - Exchange must have Queue monitoring configured with threshold and action. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000060 - Exchange must have Send Fatal Errors to Microsoft disabled. | CONFIGURATION MANAGEMENT |
| EX13-CA-000065 - Exchange must have Audit data protected against unauthorized read access. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000070 - Exchange must not send Customer Experience reports to Microsoft. | CONFIGURATION MANAGEMENT |
| EX13-CA-000075 - Exchange must have Audit data protected against unauthorized modification. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000080 - Exchange must have audit data protected against unauthorized deletion. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000085 - Exchange must have Audit data on separate partitions. | AUDIT AND ACCOUNTABILITY |
| EX13-CA-000090 - Exchange Local machine policy must require signed scripts. | CONFIGURATION MANAGEMENT |
| EX13-CA-000095 - Exchange IMAP4 service must be disabled. | CONFIGURATION MANAGEMENT |
| EX13-CA-000100 - Exchange POP3 service must be disabled. | CONFIGURATION MANAGEMENT |
| EX13-CA-000105 - Exchange must have the Public Folder virtual directory removed if not in use by the site. | CONFIGURATION MANAGEMENT |
| EX13-CA-000110 - Exchange must have the Microsoft Active Sync directory removed. | CONFIGURATION MANAGEMENT |
| EX13-CA-000115 - Exchange application directory must be protected from unauthorized access. | CONFIGURATION MANAGEMENT |
| EX13-CA-000120 - Exchange software baseline copy must exist. | CONFIGURATION MANAGEMENT |
| EX13-CA-000125 - Exchange software must be monitored for unauthorized changes. | CONFIGURATION MANAGEMENT |
| EX13-CA-000130 - Exchange services must be documented and unnecessary services must be removed or disabled. | CONFIGURATION MANAGEMENT |
| EX13-CA-000135 - Exchange Outlook Anywhere (OA) clients must use NTLM authentication to access email. | IDENTIFICATION AND AUTHENTICATION |
| EX13-CA-000140 - Exchange software must be installed on a separate partition from the OS. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000145 - Exchange must provide redundancy. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000150 - Exchange OWA must use https - External | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000150 - Exchange OWA must use https - Internal | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000155 - Exchange OWA must have S/MIME Certificates enabled. | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000160 - The version of Exchange running on the system must be a supported version. | SYSTEM AND INFORMATION INTEGRITY |
| EX13-CA-000165 - Exchange must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | CONFIGURATION MANAGEMENT |
