STIGQter STIGQter: STIG Summary: IIS 8.5 Server Security Technical Implementation Guide Version: 1 Release: 9 Benchmark Date: 25 Oct 2019: The enhanced logging for the IIS 8.5 web server must be enabled and capture all user and web server events.

DISA Rule

SV-91377r1_rule

Vulnerability Number

V-76681

Group Title

SRG-APP-000092-WSR-000055

Rule Version

IISW-SV-000102

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Open the IIS 8.5 Manager.

Click the IIS 8.5 web server name.

Click the "Logging" icon.

Under Format select "W3C".

Select the following fields: Date, Time, Client IP Address, User Name, Method, URI Query, Protocol Status, and Referrer.

Under the "Actions" pane, click "Apply".

Check Contents

Open the IIS 8.5 Manager.

Click the IIS 8.5 web server name.

Click the "Logging" icon.

Under Format select "W3C".

Click "Select Fields", verify at a minimum the following fields are checked: Date, Time, Client IP Address, User Name, Method, URI Query, Protocol Status, and Referrer.

If not, this is a finding.

Vulnerability Number

V-76681

Documentable

False

Rule Version

IISW-SV-000102

Severity Override Guidance

Open the IIS 8.5 Manager.

Click the IIS 8.5 web server name.

Click the "Logging" icon.

Under Format select "W3C".

Click "Select Fields", verify at a minimum the following fields are checked: Date, Time, Client IP Address, User Name, Method, URI Query, Protocol Status, and Referrer.

If not, this is a finding.

Check Content Reference

M

Target Key

2793

Comments