STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

Exchange must have Administrator audit logging enabled.

DISA Rule

SV-228354r612748_rule

Vulnerability Number

V-228354

Group Title

SRG-APP-000027

Rule Version

EX16-MB-000010

Severity

CAT II

CCI(s)

CCI-001403 - The information system automatically audits account modification actions.

Weight

Fix Recommendation

Open the Exchange Management Shell and enter the following command:

Set-AdminAuditLogConfig -AdminAuditLogEnabled $true

Check Contents

Open the Exchange Management Shell and enter the following command:

Get-AdminAuditLogConfig | Select Name, AdminAuditLogEnabled

If the value of "AdminAuditLogEnabled" is not set to "True", this is a finding.

Vulnerability Number

V-228354

Documentable

False

Rule Version

EX16-MB-000010

Severity Override Guidance

Check Content Reference

Target Key

4223

Exchange must have Administrator audit logging enabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments