20.28 Ensure 'Fax Server role' is set to 'Not Installed'

Information

This setting provides a single interface that administrators can use to efficiently administer fax resources.

The STIG recommended state for this setting is: Not installed

Note: A fax server is comprised of four different parts:

- Fax Server role
- Fax service
- Fax Service Manager
- Windows Fax and Scan

Unnecessary services increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption or may provide unauthorized access to the system.

Solution

To Uninstall the

Fax Server

role:

- Start 'Server Manager'
- Select the server with the role
- Scroll down to 'ROLES AND FEATURES' in the right pane
- Select 'Remove Roles and Features' from the drop-down 'TASKS' list
- Select the appropriate server on the 'Server Selection' page and click 'Next'
- Deselect 'Fax Server' on the 'Roles' page
- Click 'Next' and 'Remove' as prompted (if installed).

Impact:

Fax Server features such as automatically making fax connections available to users and computers in your organization will not be possible.

See Also

https://workbench.cisecurity.org/benchmarks/18857

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, 800-53|CM-7

Plugin: Windows

Control ID: 224918092e4c629cbd75a0a6ca09a15674cf969074bf604ffdc508b55a3c911b