Details
Exchange software, as with other application software installed on a host system, must be included in a system baseline record and periodically reviewed; otherwise, unauthorized changes to the software may not be discovered. This effort is a vital step to securing the host and the applications, as it is the only method that may provide the ability to detect and recover from otherwise undetected changes, such as those that result from worm or bot intrusions.
The Exchange software and configuration baseline is created and maintained for comparison during scanning efforts. Operational procedures must include baseline updates as part of configuration management tasks that change the software and configuration.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Update the EDSP.
Implement the email software baseline process.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.
References
- 800-53|CM-5(1)
- CAT|II
- CCI|CCI-001813
- Rule-ID|SV-84385r1_rule
- STIG-ID|EX13-CA-000120
- Vuln-ID|V-69763