STIGQter: STIG Summary: Microsoft Windows Server 2019 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Windows Server 2019 system files must be monitored for unauthorized changes.

DISA Rule

SV-205803r569241_rule

Vulnerability Number

V-205803

Group Title

SRG-OS-000363-GPOS-00150

Rule Version

WN19-00-000220

Severity

CAT II

CCI(s)

• CCI-001744 - The information system implements organization-defined security responses automatically if baseline configurations are changed in an unauthorized manner.

Weight

10

Fix Recommendation

Monitor the system for unauthorized changes to system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) against a baseline on a weekly basis. This can be done with the use of various monitoring tools.

Check Contents

Determine whether the system is monitored for unauthorized changes to system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) against a baseline on a weekly basis.

If system files are not monitored for unauthorized changes, this is a finding.

A properly configured and approved DoD HBSS solution that supports a File Integrity Monitor (FIM) module will meet the requirement for file integrity checking.

Vulnerability Number

V-205803

Documentable

False

Rule Version

WN19-00-000220

Severity Override Guidance

Determine whether the system is monitored for unauthorized changes to system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) against a baseline on a weekly basis.

If system files are not monitored for unauthorized changes, this is a finding.

A properly configured and approved DoD HBSS solution that supports a File Integrity Monitor (FIM) module will meet the requirement for file integrity checking.

Check Content Reference

M

Target Key

2907

Comments