STIGQter: STIG Summary: MS Exchange 2013 Client Access Server Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020:

Exchange services must be documented and unnecessary services must be removed or disabled.

DISA Rule

SV-84389r1_rule

Vulnerability Number

V-69767

Group Title

SRG-APP-000383

Rule Version

EX13-CA-000130

Severity

CAT II

CCI(s)

CCI-001762 - The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure.

Weight

Fix Recommendation

Update the EDSP with the services required for the system to function.

Remove or disable any services that are not required.

Check Contents

Review the Email Domain Security Plan (EDSP).

Note: Required services will vary between organizations and will vary depending on the role of the individual system. Organizations will develop their own list of services, which will be documented and justified with the ISSO. The site’s list will be provided for any security review. Services that are common to multiple systems can be addressed in one document. Exceptions for individual systems should be identified separately by system.

Open a Windows PowerShell and enter the following command:

Get-Service | Where-Object {$_.status -eq 'running'}

The command returns a list of installed services and the status of that service.

If the site has not documented the services required for its system(s), this is a finding.

If any undocumented or unnecessary services are running, this is a finding.

Exchange services must be documented and unnecessary services must be removed or disabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments