Skip to main content
CUI

Scan: SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb

Back to LAB BASELINES Scans

Scan Information

Hull Number
BASELINE
Scan Date
2026-03-12
Source File
SCHR-P3-DP-001 IIS10Server 20260305-132942
Source Tool
STIG Viewer CKLB
Imported
2026-03-12 19:38
Hostname (from CKL asset — override if blank or incorrect)
Upgrade History Export CSV Export Excel
STIG Benchmark

Microsoft IIS 10.0 Server Security Technical Implementation Guide

Version

V3R7

Score

100.0%

Total

42

Open

0

OCA Technology Area

Assign this checklist to an OCA assessment area for scoring

Hostname
SCHR-P3-DP-001
STIG Benchmark
Microsoft IIS 10.0 Server Security Technical Implementation Guide
Current Area: Not Assigned

STIG Rule Mapping

42
Mapped to STIG
0
Unmapped
42
Total Findings
All findings mapped to STIG rules.

Checklist Scoring

Severity Not a Finding Not Applicable Open Not Reviewed Total
CAT I 4 0 0 0 4
CAT II 32 4 0 0 36
CAT III 2 0 0 0 2
Total 38 4 0 0 42
Filter:

Vuln IDs (42)

V-218786 Both the log file and Event Tracing for Windows (E...
V-218788 The IIS 10.0 web server must produce log records t...
V-218789 The IIS 10.0 web server must produce log records c...
V-218790 The log information from the IIS 10.0 web server m...
V-218791 The log data and records from the IIS 10.0 web ser...
V-218792 The IIS 10.0 web server must not perform user mana...
V-218793 The IIS 10.0 web server must only contain function...
V-218794 The IIS 10.0 web server must not be both a website...
V-218795 All IIS 10.0 web server sample code, example appli...
V-218796 The accounts created by uninstalled features (i.e....
V-218797 The IIS 10.0 web server must be reviewed on a regu...
V-218798 The IIS 10.0 web server must have Multipurpose Int...
V-218799 The IIS 10.0 web server must have Web Distributed ...
V-218801 Java software installed on a production IIS 10.0 w...
V-218802 IIS 10.0 Web server accounts accessing the directo...
V-218803 The IIS 10.0 web server must separate the hosted a...
V-218804 The IIS 10.0 web server must use cookies to track ...
V-218805 The IIS 10.0 web server must accept only system-ge...
V-218806 The IIS 10.0 web server must augment re-creation t...
V-218807 The production IIS 10.0 web server must utilize SH...
V-218808 Directory Browsing on the IIS 10.0 web server must...
V-218809 The IIS 10.0 web server Indexing must only index w...
V-218810 Warning and error messages displayed to clients mu...
V-218812 The IIS 10.0 web server must restrict inbound conn...
V-218813 The IIS 10.0 web server must provide the capabilit...
V-218814 IIS 10.0 web server system files must conform to m...
V-218815 The IIS 10.0 web server must use a logging mechani...
V-218816 Access to web administration tools must be restric...
V-218817 The IIS 10.0 web server must not be running on a s...
V-218818 The Internet Printing Protocol (IPP) must be disab...
V-218819 The IIS 10.0 web server must be tuned to handle th...
V-218820 IIS 10.0 web server session IDs must be sent to th...
V-218821 An IIS 10.0 web server must maintain the confident...
V-218822 The IIS 10.0 web server must maintain the confiden...
V-218823 All accounts installed with the IIS 10.0 web serve...
V-218824 Unspecified file extensions on a production IIS 10...
V-218825 The IIS 10.0 web server must have a global authori...
V-218826 The IIS 10.0 websites MaxConnections setting must ...
V-218827 The IIS 10.0 web server must enable HTTP Strict Tr...
V-228572 An IIS Server configured to be a SMTP relay must r...
V-241789 ASP.NET version must be removed from the HTTP Resp...
V-268325 The Request Smuggling filter must be enabled.

Vulnerability Details

Click a Vuln ID on the left to view details.

Status & Comments

Select a finding to edit.

← Back to LAB BASELINES Scans
CUI