STIGQter: STIG Summary: MS Exchange 2010 Edge Transport Server STIG Version: 1 Release: 15 Benchmark Date: 26 Apr 2019:

Audit data must be on separate partitions.

DISA Rule

SV-44038r1_rule

Vulnerability Number

V-33618

Group Title

Exch-2-839

Rule Version

Exch-2-839

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Configure the audit log location to be on a partition drive separate from the application.

Document the location in the EDSP.

Check Contents

Obtain the Email Domain Security Plan (EDSP) and locate the audit logs assigned partition.

By default the logs are located on the application partition in '\Program Files\Microsoft\Exchange Server\V14\Logging\'.

If the log files are not on a separate partition from the application, this is a finding.

Vulnerability Number

V-33618

Documentable

False

Rule Version

Exch-2-839

Severity Override Guidance

Obtain the Email Domain Security Plan (EDSP) and locate the audit logs assigned partition.

By default the logs are located on the application partition in '\Program Files\Microsoft\Exchange Server\V14\Logging\'.

If the log files are not on a separate partition from the application, this is a finding.

Check Content Reference

M

Target Key

1995

Comments