STIGQter STIGQter: STIG Summary: MS Exchange 2010 Edge Transport Server STIG Version: 1 Release: 15 Benchmark Date: 26 Apr 2019: Services must be documented and unnecessary services must be removed or disabled.

DISA Rule

SV-44043r2_rule

Vulnerability Number

V-33623

Group Title

Exch-3-804

Rule Version

Exch-3-804

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Document the services required for the system to operate. Remove or disable any services that are not required.

Check Contents

To view system services open a windows power shell and enter the following command:

Get-Service | Where-Object {$_.status -eq 'running'}

The command returns a list of installed services and the status of that service.

Required services will vary between organizations, and will vary depending on the role of the individual system. Organizations will develop their own list of services which will be documented and justified with the ISSO. The Site’s list will be provided for any security review. Services that are common to multiple systems can be addressed in one document. Exceptions for individual systems should be identified separately by system.

If the site has not documented the services required for their system(s), this is a finding.

If any undocumented or unnecessary services are running, then this is a finding.

Vulnerability Number

V-33623

Documentable

False

Rule Version

Exch-3-804

Severity Override Guidance

To view system services open a windows power shell and enter the following command:

Get-Service | Where-Object {$_.status -eq 'running'}

The command returns a list of installed services and the status of that service.

Required services will vary between organizations, and will vary depending on the role of the individual system. Organizations will develop their own list of services which will be documented and justified with the ISSO. The Site’s list will be provided for any security review. Services that are common to multiple systems can be addressed in one document. Exceptions for individual systems should be identified separately by system.

If the site has not documented the services required for their system(s), this is a finding.

If any undocumented or unnecessary services are running, then this is a finding.

Check Content Reference

M

Target Key

1995

Comments