STIGQter STIGQter: STIG Summary:

Exchange 2010 Mailbox Server STIG

Version: 1

Release: 10 Benchmark Date: 28 Jul 2017

SV-43993r1_rulePublic Store storage quota must be limited.
SV-43997r1_ruleThe Public Folder Stores must mount at startup.
SV-44000r1_rulePublic Folder stores must be retained until backups are complete.
SV-44002r1_rulePublic Folder database must not be overwritten by a restore.
SV-44011r2_ruleMail quota settings must not restrict receiving mail.
SV-44013r1_ruleMail Store storage quota must limit send.
SV-44015r1_ruleMail Store storage quota must issue a warning.
SV-44017r1_ruleThe Mailbox Stores must mount at startup.
SV-44020r1_ruleMailboxes must be retained until backups are complete.
SV-44022r1_ruleMailbox database must not be overwritten by a restore.
SV-44024r1_ruleMailbox databases must reside on a dedicated partition.
SV-44025r2_ruleEmail forwarding must be restricted.
SV-44026r2_ruleEmail Diagnostic log level must be set to low or lowest level.
SV-44028r2_ruleThe Send Fatal Errors to Microsoft must be disabled.
SV-44029r2_ruleAdministrator audit logging must be enabled.
SV-44031r1_ruleAudit data must be protected against unauthorized access.
SV-44032r2_ruleCircular Logging must be disabled.
SV-44033r1_ruleExchange application directory must be protected from unauthorized access.
SV-44034r1_ruleEmail Subject Line logging must be disabled.
SV-44035r1_ruleMessage Tracking Logging must be enabled.
SV-44036r1_ruleExchange must not send Customer Experience reports to Microsoft.
SV-44037r2_ruleAudit record parameters must be set.
SV-44038r1_ruleAudit data must be on separate partitions.
SV-44039r3_ruleQueue monitoring must be configured with threshold and action.
SV-44040r1_ruleEmail software must be monitored for change on INFOCON frequency schedule.
SV-44041r1_ruleExchange software baseline copy must exist.
SV-44043r2_ruleServices must be documented and unnecessary services must be removed or disabled.
SV-44045r3_ruleEmail application must not share a partition with another application.
SV-44046r2_ruleServers must use approved DoD certificates.
SV-44048r1_ruleEmail servers must have Email aware virus protection.
SV-44049r3_ruleThe current, approved service pack must be installed.
SV-44052r1_ruleLocal machine policy must require signed scripts.
SV-50976r1_ruleEmail forwarding SMTP domains must be restricted.