MS.SHAREPOINT.3.2v1 - The allowable file and folder permissions for links SHALL be set to View only.

Information

Unauthorized changes to files can be made if permissions allow editing by anyone. By restricting permissions on links to **View** only, administrators prevent anonymous file changes.

Solution

1. Sign in to the SharePoint admin center.

2. Select Policies \> Sharing.

3. Scroll to the section Choose expiration and permissions options for Anyone links.

4. Set the configuration items in the section These links can give these permissions.

5. Set the Files option to View.

6. Set the Folders option to View.

7. Select Save.

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, CONTINGENCY PLANNING, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-3, 800-53|AC-16, 800-53|AC-17, 800-53|AC-18, 800-53|AC-19, 800-53|AC-20, 800-53|CA-7, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|CM-8, 800-53|CP-6, 800-53|CP-7, 800-53|CP-9, 800-53|CP-10, 800-53|SC-4, 800-53|SC-7, 800-53|SC-28, 800-53|SC-36, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7, 800-53|SI-10, 800-53|SI-12, 800-53|SI-16

Plugin: microsoft_azure

Control ID: 62ae22659745603de87c04af29ad2a20ca8efde71d7153cd917d81ec0f23b06e