STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021: STIGQter: STIG Summary: Microsoft SharePoint 2013 Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:SV-223242r612235_rule
V-223242
SRG-APP-000016
SP13-00-000025
CAT II
10
Configure the SharePoint server configuration to audit remote sessions for accessing security functions and security-relevant information.
In Central Administration, click on Security.
On the Security page, in the Information policy list, click "Configure information rights management".
Select "Use the default RMS server specified in Active Directory", or identify a specific server by selecting "Use this RMS server:" and entering the server name.
Configure information management policies in accordance with the system security plan requirements.
Note: If no unsanctioned information is transferred, and has been documented by the Data Owner, IRM is not required. This requirement is Not Applicable.
Review the SharePoint server configuration to ensure remote sessions for accessing security functions and security-relevant information are audited.
Verify that SharePoint audit settings are configured at the site collection level in accordance with your system security plan.
To verify audit settings at the site collection level for each site collection level subject to auditing per the SSP:
Click Settings >> Site settings.
If not at the root of your site collection, under Site Collection Administration, click Go to top level site settings. (Note: The Site Collection Administration section will not be available if you do not have the necessary permissions)
On the Site Settings page, under Site Collection Administration, click Site collection audit settings.
On the Configure Audit Settings page verify the events that are required to audit are selected, and then click OK. If nothing is selected, or the selected criteria do not match the SSP, this is a finding.
V-223242
False
SP13-00-000025
Note: If no unsanctioned information is transferred, and has been documented by the Data Owner, IRM is not required. This requirement is Not Applicable.
Review the SharePoint server configuration to ensure remote sessions for accessing security functions and security-relevant information are audited.
Verify that SharePoint audit settings are configured at the site collection level in accordance with your system security plan.
To verify audit settings at the site collection level for each site collection level subject to auditing per the SSP:
Click Settings >> Site settings.
If not at the root of your site collection, under Site Collection Administration, click Go to top level site settings. (Note: The Site Collection Administration section will not be available if you do not have the necessary permissions)
On the Site Settings page, under Site Collection Administration, click Site collection audit settings.
On the Configure Audit Settings page verify the events that are required to audit are selected, and then click OK. If nothing is selected, or the selected criteria do not match the SSP, this is a finding.
M
4096