STIGQter: STIG Summary: Microsoft IIS 8.5 Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Microsoft IIS 8.5 Server Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:SV-214403r508658_rule
V-214403
SRG-APP-000099-WSR-000061
IISW-SV-000110
CAT II
10
Access the IIS 8.5 web server IIS Manager.
Click the IIS 8.5 web server name.
Under "IIS", double-click the "Logging" icon.
Verify the "Format:" under "Log File" is configured to "W3C".
Select the "Fields" button.
Under "Custom Fields", click the "Add Field..." button.
For each field being added, give a name unique to what the field is capturing.
Click on the "Source Type" drop-down list and select "Request Header".
Click on the "Source" drop-down list and select "Connection".
Click “OK” to add.
Click on the "Source Type" drop-down list and select "Request Header".
Click on the "Source" drop-down list and select "Warning".
Click “OK” to add.
Click "Apply" under the "Actions" pane.
Access the IIS 8.5 web server IIS Manager.
Click the IIS 8.5 web server name.
Under "IIS", double-click the "Logging" icon.
Verify the "Format:" under "Log File" is configured to "W3C".
Select the "Fields" button.
Under "Custom Fields", verify the following fields have been configured:
Request Header >> Connection
Request Header >> Warning
If any of the above fields are not selected, this is a finding.
V-214403
False
IISW-SV-000110
Access the IIS 8.5 web server IIS Manager.
Click the IIS 8.5 web server name.
Under "IIS", double-click the "Logging" icon.
Verify the "Format:" under "Log File" is configured to "W3C".
Select the "Fields" button.
Under "Custom Fields", verify the following fields have been configured:
Request Header >> Connection
Request Header >> Warning
If any of the above fields are not selected, this is a finding.
M
4000