STIGQter: STIG Summary: Exchange 2010 Client Access Server STIG Version: 1 Release: 9 Benchmark Date: 27 Jan 2017:

The Microsoft Exchange IMAP4 service must be disabled.

DISA Rule

SV-43982r1_rule

Vulnerability Number

V-33562

Group Title

Exch-1-005

Rule Version

Exch-1-005

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Open the Windows Power Shell and enter the following command:

services.msc

Double click the 'Microsoft Exchange IMAP4' service and select the General tab.

Set the 'Startup Type' to 'Disabled', click ok.

Check Contents

Open the Windows Power Shell and enter the following command:

Get-ItemProperty 'hklm:\system\currentcontrolset\services\MSExchangeIMAP4' | Select Start

If the value of 'Start' is not set to '4', this is a finding.

Vulnerability Number

V-33562

Documentable

False

Rule Version

Exch-1-005

Severity Override Guidance

Open the Windows Power Shell and enter the following command:

Get-ItemProperty 'hklm:\system\currentcontrolset\services\MSExchangeIMAP4' | Select Start

If the value of 'Start' is not set to '4', this is a finding.

Check Content Reference

M

Target Key

1995

Comments