STIGQter STIGQter: STIG Summary: IIS 8.5 Server Security Technical Implementation Guide Version: 1 Release: 9 Benchmark Date: 25 Oct 2019: The IIS 8.5 web server must only contain functions necessary for operation.

DISA Rule

SV-91397r1_rule

Vulnerability Number

V-76701

Group Title

SRG-APP-000141-WSR-000075

Rule Version

IISW-SV-000118

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove all unapproved programs and roles from the production IIS 8.5 web server.

Check Contents

Click on “Start”.

Open Control Panel.

Click on “Programs”.

Click on “Programs and Features”.

Review the installed programs, if any programs are installed other than those required for the IIS 8.5 web services, this is a finding.

Note: If additional software is needed supporting documentation must be signed by the ISSO.

Vulnerability Number

V-76701

Documentable

False

Rule Version

IISW-SV-000118

Severity Override Guidance

Click on “Start”.

Open Control Panel.

Click on “Programs”.

Click on “Programs and Features”.

Review the installed programs, if any programs are installed other than those required for the IIS 8.5 web services, this is a finding.

Note: If additional software is needed supporting documentation must be signed by the ISSO.

Check Content Reference

M

Target Key

2793

Comments