STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021: STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:SV-228402r612748_rule
V-228402
SRG-APP-000381
EX16-MB-000590
CAT II
10
Update the EDSP to specify that the organization monitors system files on servers for unauthorized changes against a baseline on a weekly basis or verify that this information is documented by the organization.
Monitor the software files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on Exchange servers for unauthorized changes against a baseline on a weekly basis.
Note: This can be done with the use of various monitoring tools.
Review the Email Domain Security Plan (EDSP).
Determine whether the site monitors system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on servers for unauthorized changes against a baseline on a weekly basis.
If software files are not monitored for unauthorized changes, this is a finding.
Note: A properly configured HBSS Policy Auditor File Integrity Monitor (FIM) module will meet the requirement for file integrity checking. The Asset module within HBSS does not meet this requirement.
V-228402
False
EX16-MB-000590
Review the Email Domain Security Plan (EDSP).
Determine whether the site monitors system files (e.g., *.exe, *.bat, *.com, *.cmd, and *.dll) on servers for unauthorized changes against a baseline on a weekly basis.
If software files are not monitored for unauthorized changes, this is a finding.
Note: A properly configured HBSS Policy Auditor File Integrity Monitor (FIM) module will meet the requirement for file integrity checking. The Asset module within HBSS does not meet this requirement.
M
4223