3.3 Ensure SharePoint implements security functions as a layered structure minimizing interactions between layers of the design and avoiding any dependence by lower layers on the functionality or correctness of higher layers.

Information

SharePoint must implement security functions as a layered structure minimizing
interactions between layers of the design and avoiding any dependence by lower layers on
the functionality or correctness of higher layers.

Rationale:

The information system isolates security functions from nonsecurity functions by means of
an isolation boundary (implemented via partitions and domains) controlling access to, and
protecting the integrity of, the hardware, software, and firmware that perform those
security functions. The information system maintains a separate execution domain (e.g.,
address space) for each executing process.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Move Central Administration servers to an isolated section of the network.

See Also

https://workbench.cisecurity.org/files/2395

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(15), CSCv6|11.7, CSCv7|11.7

Plugin: Windows

Control ID: d952273943ccd34fe98242fc0f5531c79ba77bd46882211304368227b07270e8