Detections
Analytics

DISA Microsoft Exchange 2016 Mailbox Server STIG v2r4

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA Microsoft Exchange 2016 Mailbox Server STIG v2r4

Updated: 6/17/2024

Authority: DISA STIG

Plugin: Windows

Revision: 1.7

Estimated Item Count: 69

File Details

Filename: DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r4.audit

Size: 137 kB

MD5: 0df7bca560f27c75739df84668e16a74
SHA256: 382930c7a72e75e59909c82397d5a1c11cdc0066fb68d1df0a6c52fe2384035d

Audit Items

DescriptionCategories
Authentication Failure

ACCESS CONTROL

DISA_STIG_Microsoft_Exchange_2016_Mailbox_Server_v2r4.audit from DISA Microsoft Exchange 2016 Mailbox Server v2r4 STIG

SYSTEM AND INFORMATION INTEGRITY

EX16-MB-000010 - Exchange must have Administrator audit logging enabled.
EX16-MB-000020 - Exchange servers must use approved DoD certificates.
EX16-MB-000030 - Exchange auto-forwarding email to remote domains must be disabled or restricted.
EX16-MB-000040 - Exchange Connectivity logging must be enabled.
EX16-MB-000050 - The Exchange Email Diagnostic log level must be set to the lowest level.
EX16-MB-000060 - Exchange Audit record parameters must be set.
EX16-MB-000070 - Exchange Circular Logging must be disabled.
EX16-MB-000080 - Exchange Email Subject Line logging must be disabled.
EX16-MB-000090 - Exchange Message Tracking Logging must be enabled.
EX16-MB-000100 - Exchange Queue monitoring must be configured with threshold and action.
EX16-MB-000110 - Exchange Send Fatal Errors to Microsoft must be disabled.
EX16-MB-000120 - Exchange must protect audit data against unauthorized read access.
EX16-MB-000130 - Exchange must not send Customer Experience reports to Microsoft.
EX16-MB-000140 - Exchange must protect audit data against unauthorized access.
EX16-MB-000150 - Exchange must protect audit data against unauthorized deletion.
EX16-MB-000160 - Exchange Audit data must be on separate partitions.
EX16-MB-000170 - Exchange Local machine policy must require signed scripts.
EX16-MB-000180 - The Exchange Internet Message Access Protocol 4 (IMAP4) service must be disabled.
EX16-MB-000190 - The Exchange Post Office Protocol 3 (POP3) service must be disabled.
EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition.
EX16-MB-000210 - Exchange Internet-facing Send connectors must specify a Smart Host.
EX16-MB-000220 - Exchange internal Receive connectors must require encryption.
EX16-MB-000270 - Exchange Mailboxes must be retained until backups are complete.
EX16-MB-000290 - Exchange email forwarding must be restricted.
EX16-MB-000300 - Exchange email-forwarding SMTP domains must be restricted.
EX16-MB-000310 - Exchange Mail quota settings must not restrict receiving mail.
EX16-MB-000320 - Exchange Mail Quota settings must not restrict receiving mail.
EX16-MB-000340 - Exchange Mailbox Stores must mount at startup.
EX16-MB-000350 - Exchange Message size restrictions must be controlled on Receive connectors.
EX16-MB-000360 - Exchange Receive connectors must control the number of recipients per message.
EX16-MB-000380 - The Exchange Receive Connector Maximum Hop Count must be 60.
EX16-MB-000410 - Exchange Message size restrictions must be controlled on Send connectors.
EX16-MB-000420 - The Exchange Send connector connections count must be limited.
EX16-MB-000430 - The Exchange global inbound message size must be controlled.
EX16-MB-000440 - The Exchange global outbound message size must be controlled.
EX16-MB-000450 - The Exchange Outbound Connection Limit per Domain Count must be controlled.
EX16-MB-000460 - The Exchange Outbound Connection Timeout must be 10 minutes or less.
EX16-MB-000470 - Exchange Internal Receive connectors must not allow anonymous connections.
EX16-MB-000480 - Exchange external/Internet-bound automated response messages must be disabled.
EX16-MB-000490 - Exchange must have anti-spam filtering installed.
EX16-MB-000500 - Exchange must have anti-spam filtering enabled - ContentFilterConfig
EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderFilterConfig
EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderIDConfig
EX16-MB-000500 - Exchange must have anti-spam filtering enabled - SenderReputationConfig
EX16-MB-000510 - Exchange must have anti-spam filtering configured.
EX16-MB-000520 - Exchange must not send automated replies to remote domains.
EX16-MB-000530 - Exchange servers must have an approved DoD email-aware virus protection software installed.
EX16-MB-000540 - The Exchange Global Recipient Count Limit must be set.