STIGQter STIGQter: STIG Summary: IIS 8.5 Server Security Technical Implementation Guide Version: 1 Release: 9 Benchmark Date: 25 Oct 2019: The IIS 8.5 web server must be reviewed on a regular basis to remove any Operating System features, utility programs, plug-ins, and modules not necessary for operation.

DISA Rule

SV-91405r1_rule

Vulnerability Number

V-76709

Group Title

SRG-APP-000141-WSR-000080

Rule Version

IISW-SV-000123

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove all utility programs, Operating System features or modules which are installed but are not necessary for web server operation.

Check Contents

Consult with the System Administrator and review all of the IIS 8.5 and Operating System features installed.

Determine if any are installed which are no longer necessary for operation.

If any utility programs, features or modules are installed which are not necessary for operation, this is a finding.

If any unnecessary Operating System features are installed, this is a finding.

Vulnerability Number

V-76709

Documentable

False

Rule Version

IISW-SV-000123

Severity Override Guidance

Consult with the System Administrator and review all of the IIS 8.5 and Operating System features installed.

Determine if any are installed which are no longer necessary for operation.

If any utility programs, features or modules are installed which are not necessary for operation, this is a finding.

If any unnecessary Operating System features are installed, this is a finding.

Check Content Reference

M

Target Key

2793

Comments