Documentation - V-218806

V-218806

Microsoft IIS 10.0 Server Security Technical Implementation Guide

CAT II

Title

The IIS 10.0 web server must augment re-creation to a stable and known baseline.

Description

<VulnDiscussion>Making certain that the web server has not been updated by an unauthorized user is always a concern. Adding patches, functions, and modules that are untested and not part of the baseline opens the possibility for security risks. The web server must offer, and not hinder, a method that allows for the quick and easy reinstallation of a verified and patched baseline to guarantee the production web server is up-to-date and has not been modified to add functionality or expose security...

Fix Text (Documentation Requirement)

Prepare documentation for disaster recovery methods for the IIS 10.0 web server in the event of the necessity for rollback. Document and test the disaster recovery methods designed.

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel