STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-223240r612235_rule
V-223240
SRG-APP-000014
SP13-00-000015
CAT I
10
Configure the SharePoint server to use approved cryptography to protect the confidentiality of remote access sessions.
Open IIS Manager.
In the Connections pane, expand "Sites".
Click the "Web Application" site.
In the Actions pane, click "Bindings".
In the Site Bindings window, click "Add".
In the Add Site Binding window, change "Type" to "https", and select the site's SSL certificate. Click "OK".
Remove all bindings that do not use https.
Click "Close".
Review the SharePoint server configuration to ensure approved cryptography is being utilized to protect the confidentiality of remote access sessions.
Navigate to Central Administration.
Under “System Settings”, click “Configure Alternate Access mappings”.
Review the “Public URL for zone” column values. If any URL does not begin with “https”, this is a finding.
V-223240
False
SP13-00-000015
Review the SharePoint server configuration to ensure approved cryptography is being utilized to protect the confidentiality of remote access sessions.
Navigate to Central Administration.
Under “System Settings”, click “Configure Alternate Access mappings”.
Review the “Public URL for zone” column values. If any URL does not begin with “https”, this is a finding.
M
4096