STIGQter STIGQter: STIG Summary: Microsoft Exchange 2016 Mailbox Server Security Technical Implementation Guide Version: 1 Release: 4 Benchmark Date: 25 Oct 2019: The Exchange Email application must not share a partition with another application.

DISA Rule

SV-95447r1_rule

Vulnerability Number

V-80737

Group Title

SRG-APP-000431

Rule Version

EX16-MB-000620

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Update the EDSP with the location of where Exchange is installed.

Install Exchange on a dedicated application directory or partition separate than that of the operating system.

Check Contents

Review the Email Domain Security Plan (EDSP).

Determine if the directory Exchange is installed.

Open Windows Explorer.

Navigate to where Exchange is installed.

If Exchange resides on a directory or partition other than that of the operating system and does not have other applications installed (unless approved by the Information System Security Officer [ISSO]), this is not a finding.

Vulnerability Number

V-80737

Documentable

False

Rule Version

EX16-MB-000620

Severity Override Guidance

Review the Email Domain Security Plan (EDSP).

Determine if the directory Exchange is installed.

Open Windows Explorer.

Navigate to where Exchange is installed.

If Exchange resides on a directory or partition other than that of the operating system and does not have other applications installed (unless approved by the Information System Security Officer [ISSO]), this is not a finding.

Check Content Reference

M

Target Key

3355

Comments