Details
Review the SharePoint server configuration to ensure an information system isolation boundary that minimizes the number of non-security functions included within the boundary containing security functions are implemented.
Rationale:
The information system isolates security functions from non-security functions by means of an isolation boundary (implemented via partitions and domains) controlling access to and protecting the integrity of, the hardware, software, and firmware that perform those security functions. The information system maintains a separate execution domain (e.g., address space) for each executing process.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
1. In the server hosting the farm’s Central Administration website Open ‘IIS Manager’.
2. Expand Sites tree view and right-click the web application named SharePoint Central Administration.
3. Select Edit Bindings ….
4. Change the site is bound to an out-of-band (OOB) IP address.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.